RedLine was marketed on Russian-language cybercriminal forums for $150 for the lite version, $200 for the pro version and $100/month as a subscription, making it accessible to a wide range of cybercriminals. Its features include stealing information stored in browsers such as email addresses, authentication cookies, passwords, credit cards and other autocomplete form data that could include personal information.
Operation involved US, UK, Netherlands, Belgium, Portugal, and Australia
The malware also steals cryptocurrency wallets and collects information about the infected machine such as location, hardware and installed software. The META infostealer is a version of RedLine that appeared in 2022.
“To take down the transnational malware, Eurojust coordinated cooperation between authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom, and Australia,” Eurojust said in a press release. “Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.”