#Alleged RedLine Malware Developer Extradited to United States

A man extradited to face charges related to his alleged role as a key developer of the notorious RedLine malware.

#Background

An Armenian national, Hambardzum Minasyan, has been extradited to the United States to face charges related to his alleged role as a key developer of the notorious RedLine malware. Minasyan appeared in federal court in Austin, Texas, to face charges of conspiring with others to develop and run RedLine, a malware variant described by the US Department of Justice as "one of the most prevalent infostealing malware variants in the world."

#What is RedLine Malware?

RedLine is a type of malware that can steal a wide variety of information from affected computer systems, including:

• Account details and passwords saved in browsers
• Cookies
• Payment card information
• Details about the PCs it has compromised

The malware has been deployed against systems in over 150 countries and has been marketed and sold to cybercriminals via subscription on the dark web. It has been commonly used to harvest data from corporations and is said to have been used by hackers backed by foreign governments to target US critical infrastructure.

#Charges and Potential Sentence

Minasyan is charged with:

• Conspiring to commit access device fraud
• Conspiracy to violate the Computer Fraud and Abuse Act
• Conspiracy to commit money laundering

The charges carry a combined potential sentence of up to 30 years in prison. Specifically, US prosecutors claim that Minasyan:

• Registered two virtual private servers and two internet domains
• Created repositories on an online file-sharing site to distribute RedLine to cybercriminal affiliates
• Registered a cryptocurrency account in November 2021 to receive client payments
• Offered customer support to hackers using the malware

#Operation Magnus and the Arrest

The arrest of Minasyan is a result of "Operation Magnus," a seizure of RedLine infrastructure by international law enforcement in October 2024. The operation also saw charges filed against Russian national Maxim Rudometov, who is alleged to be another developer and administrator of RedLine, and remains at large.

The US Department of State offered a reward of up to $10 million for information about the hackers believed to be behind RedLine malware attacks. The "Operation Magnus" portal remains active at "operation-magnus.com," providing resources for potential victims to check if their credentials were harvested by the RedLine malware.

#Cybersecurity Urgency

As the legal case against Minasyan proceeds, authorities are continuing to urge businesses and individuals to harden their cybersecurity. The RedLine malware is still in use by cybercriminals, and the arrest of Minasyan serves as a reminder of the ongoing threat posed by this malware.