A coalition of international law enforcement agencies announced that they had disrupted the operations of two prolific information thieves who stole sensitive data of millions of people.

The Dutch National Police, which led the takedown of the so-called “Operation Magnus”, said it had gained “full access” to the servers used by Redline and Meta information thieves.

Information thieves are a type of malware It is specifically designed to extract sensitive information such as passwords, credit card data, search histories, and contents of cryptocurrency wallets from an infected system.

Redline is considered one of the most prolific types of information-stealing malware. It was revealed that criminals used Redline, which has been active since 2020, to steal sensitive data of hundreds of millions of people. last report. Associated with malware A hack in Uber in 2022, Theft of login information from Worldcoin Orb operatorsAnd Breach of a senior official at Israel’s National Cyber ​​Security Directorate.

Meta is a relatively new information stealer, but Operation Magnus states: “We gained full access to all Redline and Meta servers. Did you know they are actually pretty much the same?”

In a video posted on the website on Monday, the agencies said they had access to usernames, passwords, IP addresses, timestamps and registration dates, as well as the source code of skimmers and Telegram bots used by operators. malware.

The agencies also published a list of usernames of Redline and Meta skimmers belonging to “VIP” or “very important to police” users. It is not yet clear whether any arrests have been made as part of the operation, but the website claims that “legal proceedings are ongoing.”

Operation Magnus, supported by the US Federal Bureau of Investigation and the UK National Crime Agency, was announced at a meeting. newly created website Conducting Redline and Meta operations. Dutch National Police spokesperson Simone van Wordragen told TechCrunch it would release more information about the takedown on Tuesday.

A similar takedown approach has been adopted recently. Transaction targeting LockBitPolice appeared to have taken control of the ransomware gang’s dark web leak site to publish details of the operation.