Charges have been brought against Maxim Rudometov, who is suspected of developing and administering one of the most infamous malware families of recent years: Redline.
Redline is notorious in the cybercrime landscape for stealing account credentials and financial information and for bypassing two-factor authentication. It was sold on a subscription basis and became one of the most successful infostealers on the black market.
These charges are part of the international Operation Magnus, which aims to crack down on malware-as-a-service (MaaS) platforms such as Redline and META. During the investigation, law enforcement agencies gained access to the data of victims whose devices were infected with Redline and META. Numerous unique accounts, email addresses, bank accounts, cryptocurrency wallet addresses, and credit card numbers were compromised. The investigation is ongoing, and the full extent of the stolen data is still being determined.
The US Department of Justice has gathered evidence of Rudometov’s direct involvement in creating and managing Redline. He allegedly oversaw the malware infrastructure, possessed cryptocurrency accounts where funds from Redline operations were received and laundered, and kept copies of the malicious program.
Rudometov faces charges of access device fraud, conspiracy to commit computer intrusion, and money laundering. The maximum penalties for these charges are 10, 5, and 20 years of imprisonment, respectively. If convicted on all counts, Rudometov could face up to 35 years behind bars. However, he has not been detained at the moment.
As part of the operation, authorities seized three servers in the Netherlands and took control of two domains that were used to manage the Redline and META platforms. Additionally, two individuals were arrested in Belgium, one of whom was identified as a customer of the malicious platform.
Investigators also uncovered details of the server network, revealing a complex system of over 1,200 servers in various countries that communicated with central servers in the Netherlands. The Redline and META Telegram channels used to distribute the malware were also temporarily blocked.
Despite these actions, as long as Rudometov remains at large there is a risk that he could rebuild the Redline infrastructure and resume operations.