Suspected RedLine infostealer malware admin extradited to US

News

Featured
Latest

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

HackerOne discloses employee data breach after Navia hack

Firefox now has a free built-in VPN with 50GB monthly data limit

Infinite Campus warns of breach after ShinyHunters claims data theft

Suspected RedLine infostealer malware admin extradited to US

A $15 move that could streamline your shopping routine

GitHub adds AI-powered bug detection to expand security coverage

PolyShell attacks target 56% of all vulnerable Magento stores

Tutorials

Latest
Popular

How to access the Dark Web using the Tor Browser

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

How to use the Windows Registry Editor

How to backup and restore the Windows Registry

How to start Windows in Safe Mode

How to remove a Trojan, Virus, Worm, or other Malware

How to show hidden files in Windows 7

How to see hidden files in Windows

Webinars
Downloads

Latest
Most Downloaded

Qualys BrowserCheck

STOPDecrypter

AuroraDecrypter

FilesLockerDecrypter

AdwCleaner

ComboFix

RKill

Junkware Removal Tool

Deals

Categories

eLearning

IT Certification Courses

Gear + Gadgets

Security

VPNs

Popular

Best VPNs

How to change IP address

Access the dark web safely

Best VPN for YouTube

Forums
More

Virus Removal Guides
Startup Database
Uninstall Database
Glossary
Send us a Tip!
Welcome Guide

HomeNewsSecuritySuspected RedLine infostealer malware admin extradited to US

Suspected RedLine infostealer malware admin extradited to US

By Sergiu Gatlan

March 26, 2026
07:51 AM
0

An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years.
Hambardzum Minasyan was arrested on Monday, March 23, and appeared in federal court in Austin on Tuesday, when U.S. prosecutors accused him of registering virtual private servers that were part of RedLine's infrastructure and two web domains used during RedLine attacks.
He also allegedly registered a cryptocurrency account in November 2021 that the RedLine cybercrime gang used to receive affiliate payments and created online file-sharing repositories used to distribute the malware to affiliates.
"Hambardzum Minasyan allegedly conspired with others to enrich himself by developing and administering RedLine, one of the most prevalent infostealing malware variants in the world, which has previously been used to conduct intrusions against major corporations," the Justice Department said on Wednesday. "When executed, RedLine would steal data, including access devices, from victims' computers."
With the help of other accomplices, Minasyan managed the operation's digital infrastructure, including administrative panels and command-and-control (C2) servers that affiliates used to deploy the info stealer to victims' compromised devices.
The conspirators also allegedly provided support to actual and potential RedLine affiliates, answering their questions and requests, and conspired to steal financial information from infected systems, laundering the illegally obtained funds through cryptocurrency exchanges and other methods.
Minasyan is now facing access device fraud, Computer Fraud and Abuse Act violation, money laundering conspiracy charges, and a maximum of 30 years in prison if convicted.
In October 2024, the Dutch National Police seized the network infrastructure for the Redline malware-as-a-service (MaaS) platform, working with international partners in a joint action named "Operation Magnus."
The United States also charged Russian national Maxim Alexandrovich Rudometov, the suspected developer and administrator of the RedLine operation, who could face up to 35 years in prison if convicted on counts of access device fraud, conspiracy to commit computer intrusion, and money laundering.
More recently, in June 2025, the U.S. Department of State announced a reward of up to $10 million for information leading to the arrest of government-sponsored hackers linked to the RedLine operation and its suspected creator.

Red Report 2026: Why Ransomware Encryption Dropped 38%
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
Download The Report

Related Articles:
New Torg Grabber infostealer malware targets 728 crypto walletsFake enterprise VPN sites used to steal company credentialsBing AI promoted fake OpenClaw GitHub repo pushing info-stealing malwareArkanix Stealer pops up as short-lived AI info-stealer experimentInfostealer malware found stealing OpenClaw secrets for first time

Administrator
Extradition
Info Stealer
Information Stealer
Malware
RedLine
USA

Sergiu Gatlan
Sergiu is a news reporter who has covered the latest cybersecurity and technology developments for over a decade. Email or Twitter DMs for tips.

Previous Article

Post a Comment Community Rules

You need to login in order to post a comment

Not a member yet? Register Now

You may also like:

Popular Stories

New KB5085516 emergency update fixes Microsoft account sign-in

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

Microsoft Exchange Online service change causes email access issues

Sponsor Posts

Overdue a password health-check? Audit your Active Directory for free

AI is a data-breach time bomb: Read the new report

Cyber resilience without the complexity. Join Zero Networks to stop lateral movement fast.

Are your AI accounts being sold on the dark web? Check for free. 

Overdue a password health-check? Audit your Active Directory for free

  Upcoming Webinar

Follow us:

Main Sections

News
Webinars
VPN Buyer Guides
SysAdmin Software Guides
Downloads
Virus Removal Guides
Tutorials
Startup Database
Uninstall Database
Glossary

Community

Forums
Forum Rules
Chat

Useful Resources

Welcome Guide
Sitemap

Company

About BleepingComputer
Contact Us
Send us a Tip!
Advertising
Write for BleepingComputer
Social & Feeds
Changelog

Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure

Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved

Login

Username

Password

Remember Me

Sign in anonymously

Sign in with Twitter

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is prohibited.

Submitting...
SUBMIT

Suspected RedLine infostealer malware admin extradited to US

This report, published by Sergiu Gatlan on March 26, 2026, details the extradition of Armenian national Hambardzum Minasyan to the United States to face criminal charges related to his alleged involvement in managing the RedLine infostealer malware operation. RedLine, a prolific malware-as-a-service (MaaS) platform, was responsible for stealing data, including access devices, from numerous corporations globally. The Justice Department alleges Minasyan orchestrated the operation by registering virtual private servers, cryptocurrency accounts, and file-sharing repositories used for distributing the malware to affiliates. He reportedly managed the network’s digital infrastructure, encompassing administrative panels and command-and-control (C2) servers, and provided support to affiliates, facilitating the theft of financial information and its subsequent laundering through cryptocurrency exchanges.

The investigation, culminating in the “Operation Magnus” joint action by Dutch law enforcement and international partners in October 2024, effectively dismantled the RedLine MaaS platform. Furthermore, U.S. authorities have also pursued the administrator of the RedLine operation, Russian national Maxim Alexandrovich Rudometov, who faces up to 35 years in prison. A $10 million reward has been offered by the U.S. Department of State for information leading to the arrest of those linked to the RedLine operation. The case highlights the continued threat posed by sophisticated cybercrime operations and the international cooperation necessary to combat them. Minasyan’s case involves charges of access device fraud, Computer Fraud and Abuse Act violation, and money laundering conspiracy, with a potential sentence of up to 30 years if convicted. The report emphasizes the ongoing vigilance required to identify and address such threats within the digital landscape.