Thought Leadership
The US State Department has offered a reward of up to 10 million US dollars for information about hackers acting on behalf of foreign governments and linked to the RedLine malware.
The action is directed in particular against the alleged developer of the program, Russian citizen Maxim Alexandrovich Rudometov.
RedLine as a tool for cyber attacks on critical infrastructure
RedLine is a so-called infostealer malware that specializes primarily in the mass collection of access data and personal information. The US authorities suspect that it has also been used by state-supported actors to target critical infrastructure in the United States. Evidence of such use by foreign government agencies will now be rewarded under the Rewards for Justice program.
Origin and background of the reward program
Rewards for Justice has existed since 1984 and was originally set up to identify and stop international terrorists. The program now also targets cybercrime when it is carried out on behalf of the state. To date, more than 250 million US dollars have been paid out to over 125 whistleblowers who have contributed to US national security.
Operation „Magnus“: Internationale Ermittlungen gegen Rudometov
In October, Rudometov was indicted in the USA as part of a transnational operation known as “Operation Magnus”. The investigation revealed that he regularly managed the RedLine malware infrastructure, accepted payments via cryptocurrency accounts and actively distributed the software. He is suspected of several criminal offences, including fraud involving access devices, conspiracy to commit unauthorized intrusion into computer systems and money laundering. If convicted, he faces up to 35 years in prison.
The Dutch police played a central role in the investigation. Together with partners from other countries, they disrupted the activities of the META malware platform as well as RedLine. They succeeded in seizing Telegram channels for marketing the malware and arresting two suspects in Belgium. In addition, three servers and two web domains that served as control centers were seized.
The security company ESET was also involved – as a technical consultant, it helped to identify over 1,200 servers linked to RedLine and META, among other things. ESET also provided an online tool that potential victims can use to check whether they are affected by the malware.
