Vol. 1 · Ed. 2026
CyberGlossary
Entry № 1014

RedLine Stealer

What is RedLine Stealer?

RedLine Stealer: a subscription Windows info-stealer that dominated 2020–2023 cybercrime markets, harvesting browser secrets, crypto wallets, and FTP/VPN credentials; its infrastructure was disrupted by Operation Magnus in October 2024.


RedLine Stealer is a .NET-based Windows information stealer sold on Russian-speaking forums from around 2020 and the most prolific commodity stealer of 2021–2023. Standard capabilities include extraction of saved browser passwords, cookies, autofill, and crypto-extension data from Chromium and Gecko browsers; theft of cryptocurrency wallet files and of FTP/VPN/Steam/Discord/Telegram credentials; system fingerprinting; and an exfiltration channel to operator-controlled command-and-control servers, often with logs sold further on 'cloud of logs' marketplaces (RussianMarket, 2easy, Genesis successors). RedLine was distributed via cracked software, malvertising, YouTube/SEO baits, malicious Office docs, and GitHub releases, and was bundled with loaders such as Smoke or PrivateLoader. Stolen RedLine logs underpinned a sizeable share of credential-stuffing and initial-access broker activity through 2023. In October 2024 the U.S. DOJ, Dutch police, Eurojust, Microsoft, ESET, and others ran Operation Magnus, seizing infrastructure for RedLine and its sibling Meta Stealer, charging the alleged developer Maxim Rudometov, and publishing samples that enabled global cleanup. Activity dropped sharply but did not disappear.

  1. An initial-access broker buys a 'log of logs' on RussianMarket, identifies a corporate VPN credential among the RedLine output, and resells access to a ransomware affiliate.

  2. Operation Magnus seizes RedLine's control panel domains in October 2024, briefly halting the operation before sellers attempt to re-brand.

Frequently asked questions

What is RedLine Stealer?

A subscription Windows info-stealer that dominated 2020–2023 cybercrime markets, harvesting browser secrets, crypto wallets, and FTP/VPN credentials; its infrastructure was disrupted by Operation Magnus in October 2024. It belongs to the Malware category of cybersecurity.

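How do you defend against RedLine Stealer?

Defense against RedLine Stealer typically combines technical controls and operational practices, as described in the definition above.

What are other names for RedLine Stealer?

Common aliases: RedLine, Meta Stealer (sibling).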
