The FBI released details of its investigation into RedLine after the virus's creator appeared in court.

An Armenian programmer linked to one of the most widespread data-stealing malware tools was extradited to the United States on March 23. On the very first day of his extradition, he was brought to federal court in Austin.
According to US authorities, Ambartsum Minasyan participated in the creation and support of RedLine, a malicious program that stole data en masse from infected computers. RedLine has long been used in attacks on large companies. Once launched, the program collected login credentials, payment information, and other sensitive data.
Investigators believe Minasyan didn't act alone. The group developed an entire infrastructure around RedLine, including control servers, administration panels, and a client system. Access to the malware was sold to partners, who then launched the attacks and shared the profits. The organizers also assisted the "clients" and answered their questions, and laundered the stolen funds through cryptocurrency services.
According to the case, Minasyan rented virtual servers to host parts of RedLine's infrastructure, registered internet domains, and created storage on file-sharing services used to distribute malware. In 2021, he also opened a cryptocurrency account to receive payments from partners.
The RedLine saga has been ongoing for several years. In October 2024, the US Department of Justice, along with law enforcement agencies in the Netherlands, Belgium, and the European agency Eurojust, announced an international operation against the current version of the malware. At the same time, authorities unsealed charges against alleged accomplice Maxim Rudometov, who is said to be one of RedLine's developers.
Minasyan is charged with several crimes, including conspiracy to commit payment data fraud, violating the Computer Fraud Act, and money laundering. The first count carries a maximum sentence of 10 years in prison, while the remaining counts carry a maximum sentence of 20 years. The court will determine the final sentence.
