Fixed Intel
HIGH THREAT ALERT|Threat Actor: RedLine MaaS Group (Hambardzum Minasyan, Maxim Alexandrovich Rudometov)
Aggregated Intel
High
Industry NewsImpact: 75/10

Alleged RedLine Malware Administrator Extradited to US

Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware.

FIFixed Intel Team||2 min read|2 Views
Alleged RedLine Malware Administrator Extradited to US

AI-Generated Summary

Armenian national Hambardzum Minasyan has been extradited to the US for his alleged role as a RedLine infostealer malware administrator, responsible for maintaining infrastructure, collecting affiliate payments, and distributing the malware. He faces charges including conspiracy to commit access device fraud, money laundering, and CFAA violations, with potential sentences up to 20 years. RedLine, a widely-used Malware-as-a-Service infostealer since 2020, remains a leading cybercriminal threat despite a 2024 law enforcement takedown attempt.

Threat Actor

RedLine MaaS Group (Hambardzum Minasyan, Maxim Alexandrovich Rudometov)

Affected Sectors

Financial ServicesTechnologyRetailHealthcareGovernmentCryptocurrency

Frameworks

NIST CSFISO27001NIST SP 800-53NCA-ECCPCI-DSSGDPR

Aggregated from SecurityWeek

This article was automatically aggregated from an external source. Content may be summarized.

Read Original

Full Analysis

Armenian national Hambardzum Minasyan has been extradited to the United States over his alleged role in the administration of the RedLine infostealer malware.

The US Justice Department announced Minasyan’s first appearance in a Texas court on Wednesday. 

According to authorities, the man was involved in maintaining the malware’s infrastructure, including command-and-control servers and administration panels used by affiliates. He also allegedly collected payments from affiliates and handled support requests.

“The indictment alleges that Minasyan registered two virtual private servers to host portions of RedLine’s infrastructure as well as two internet domains in support of the RedLine scheme,” the DOJ said. 

“He also allegedly created repositories on an online file sharing site that were used to distribute RedLine to affiliates. In November 2021, he allegedly registered a cryptocurrency account that was used to receive payments from RedLine affiliates,” the DOJ added.

Minasyan has been charged with conspiracy to commit access device fraud, conspiracy to commit money laundering, and conspiracy to violate the CFAA. He faces up to 10 years in prison for access device fraud and up to 20 years in prison for the remaining counts.

Advertisement. Scroll to continue reading.

RedLine is a widely used information stealer offered via a malware-as-a-service model, enabling cybercriminals to steal browser credentials, cryptocurrency wallet data, VPN credentials, and other information.

The malware emerged in 2020 and was targeted in an international law enforcement operation in October 2024. However, the takedown effort had limited impact, and RedLine remains one of the most popular infostealers among cybercriminals, frequently cited by security firms as a leading threat in the category.

In mid-2025, the US Department of State announced a $10 million reward for information on Maxim Alexandrovich Rudometov, who is believed to be the main developer and administrator of RedLine. Rudometov was born in Ukraine, but fled to Russia in early 2022. 

Related: US Prisons Russian Access Broker for Aiding Ransomware Attacks

Related: Russian Cybercriminal Gets 2-Year Prison Sentence in US

Related: Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Originally published by SecurityWeek

Original Source

SecurityWeek