A coalition of international law enforcement agencies says it has disrupted the operations of two prolific information thieves who stole the sensitive data of millions of people.

The Dutch National Police, which led the so-called “Operation Magnus”, reported that it had gained “full access” to the servers used by the Redline and Meta information thieves.

Infostealers are a type of malware specially designed to extract sensitive information such as passwords, credit card details, search history and the contents of cryptocurrency wallets from an infected system.

Redline is considered one of the most prolific strains of infostealer malware. Criminals are using Redline, which has been active since 2020, to steal the sensitive data of hundreds of millions of people, according to a recent report. Malware has been attributed a 2022 Uber hackTHE stealing login details from Worldcoin Orb operatorsand breach of a senior official of Israel’s National Cyber ​​Security Directorate.

Meta is a relatively new hack, although Operation Magnus notes, “We gained full access to all Redline and Meta servers. Did you know they were actually pretty much the same?”

In a video posted on the website on Monday, the agencies say they were able to access usernames, passwords, IP addresses, timestamps and registration data, along with the source code for both the information spree and Telegram bots used by the website operators. malware.

The agencies also teased a list of usernames belonging to “VIP” — or “very important to the police” — users of the Redline and Meta information stealers. It is not yet clear if any arrests have been made in the operation, but the website claims “legal action is ongoing”.

Operation Magnus, which was supported by the US Federal Bureau of Investigation and the UK’s National Crime Agency, was announced in a newly created website output to Redline and Meta operations. Simone van Wordragen, a spokeswoman for the Dutch National Police, told TechCrunch that they would release more information about the takedown on Tuesday.

A similar approach to withdrawal has been adopted recently operation targeting LockBitwhich saw police take control of the ransomware gang’s dark web leak site to post details of the operation.