Suspected RedLine infostealer malware admin extradited to US

Summary

Hambardzum Minasyan, an Armenian national, was extradited to the United States and charged with administering RedLine, a prolific infostealer malware-as-a-service platform. Minasyan allegedly managed the operation's digital infrastructure, including C2 servers, payment systems, and distribution channels used by affiliates to compromise victims worldwide. He faces up to 30 years in prison on charges including access device fraud, CFAA violations, and money laundering conspiracy, following the October 2024 seizure of RedLine's infrastructure by Dutch authorities in Operation Magnus.

Full text

Suspected RedLine infostealer malware admin extradited to US By Sergiu Gatlan March 26, 2026 07:51 AM 0 An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years. Hambardzum Minasyan was arrested on Monday, March 23, and appeared in federal court in Austin on Tuesday, when U.S. prosecutors accused him of registering virtual private servers that were part of RedLine's infrastructure and two web domains used during RedLine attacks. He also allegedly registered a cryptocurrency account in November 2021 that the RedLine cybercrime gang used to receive affiliate payments and created online file-sharing repositories used to distribute the malware to affiliates. "Hambardzum Minasyan allegedly conspired with others to enrich himself by developing and administering RedLine, one of the most prevalent infostealing malware variants in the world, which has previously been used to conduct intrusions against major corporations," the Justice Department said on Wednesday. "When executed, RedLine would steal data, including access devices, from victims' computers." With the help of other accomplices, Minasyan managed the operation's digital infrastructure, including administrative panels and command-and-control (C2) servers that affiliates used to deploy the info stealer to victims' compromised devices. The conspirators also allegedly provided support to actual and potential RedLine affiliates, answering their questions and requests, and conspired to steal financial information from infected systems, laundering the illegally obtained funds through cryptocurrency exchanges and other methods. Minasyan is now facing access device fraud, Computer Fraud and Abuse Act violation, money laundering conspiracy charges, and a maximum of 30 years in prison if convicted. In October 2024, the Dutch National Police seized the network infrastructure for the Redline malware-as-a-service (MaaS) platform, working with international partners in a joint action named "Operation Magnus." The United States also charged Russian national Maxim Alexandrovich Rudometov, the suspected developer and administrator of the RedLine operation, who could face up to 35 years in prison if convicted on counts of access device fraud, conspiracy to commit computer intrusion, and money laundering. More recently, in June 2025, the U.S. Department of State announced a reward of up to $10 million for information leading to the arrest of government-sponsored hackers linked to the RedLine operation and its suspected creator. Red Report 2026: Why Ransomware Encryption Dropped 38% Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded. Download The Report Related Articles: New Torg Grabber infostealer malware targets 728 crypto walletsFake enterprise VPN sites used to steal company credentialsBing AI promoted fake OpenClaw GitHub repo pushing info-stealing malwareArkanix Stealer pops up as short-lived AI info-stealer experimentInfostealer malware found stealing OpenClaw secrets for first time

Indicators of Compromise

• malware — RedLine
• malware — Torg Grabber
• malware — Arkanix Stealer