New details about "Operation Magnus" have been released, reflecting significant progress by the international community in combating and information theft malware platforms.

Following yesterday's announcement of the seizure of infrastructure, U.S. authorities unveiled a federal lawsuit against the alleged administrator Maxim Rudometov and outlined an ongoing investigation into a large cache of stolen data retrieved from the operation.

Other updates include the removal of multiple channels and further actions coordinated by the Joint Cybercrime Action Taskforce (J-CAT), supported by Europol and Eurojust, highlighting the global scale of the operation.

Arrest and Charges The U.S. Department of Justice has confirmed charges against Rudometov, who is alleged to be a key figure in the development and operation. Reportedly based in Russia, Rudometov was responsible for managing the malware's infrastructure, facilitating financial transactions, and maintaining connections to various cryptocurrency accounts associated with malware payments. He now faces federal charges, including:

• According to the fraud of access devices
• Title of the United States Code, Sections and , Conspiracy to Commit Computer Intrusion
• Pursuant to Section of Title of the United States Code, money laundering is prohibited.

If convicted, Rudometov could face years in prison for device fraud, years for conspiracy, and years for money laundering. These charges detail his central role in the technical and financial operations of the , making him a key figure in the infrastructure of one of the most widespread information-stealing platforms.

Action and Infrastructure Seizure During Operation "Magnum," a six-country law enforcement coalition coordinated by Eurojust dismantled and seized three command servers in the Netherlands and two domains critical to their operations. With support from the FBI's Austin Cyber Task Force, Belgian authorities detained two suspects, one of whom was later released, while the other remains in custody for further investigation.

Following initial leads from a cybersecurity company, the Dutch National Police's Cybercrime Unit played a crucial role in identifying and mapping the malware infrastructure. Upon discovering that over 10,000 servers worldwide were running X and Y, Dutch authorities alerted Eurojust, triggering a coordinated operation. The collected evidence included stolen credentials, browser-stored data, and authentication tokens, all of which were packaged into logs resold on the cybercrime market.

"Operation Magnus" successfully dismantled multiple channels used by affiliated companies of two information-stealing software entities for communication, license sales, and customer support, dealing a significant blow to their operations. This action disrupted key sales channels and eliminated the primary mode of anonymous encrypted communication, thereby limiting the spread and operational flexibility of the malicious software.

Security Measures for Potential Victims Cybersecurity company launches an online tool allowing individuals to check if their data has been compromised in a or attack. Potential victims are advised:

• Reset the password and enable two-factor authentication on the affected account.
• Monitor financial accounts for unauthorized activity.
• Delete saved credentials from your browser to mitigate the risk of future residual malware infections.

To enhance security, users are advised to download software only from verified sources, keep antivirus software active, and be wary of unexpected messages or too-good-to-be-true offers. The Office of International Affairs at the Department of Justice and Eurojust continue to cooperate with affected countries in further investigations, leaving room for future arrests and charges.