{
	"id": "08363a3b-8fac-4522-b9f2-499839fc951b",
	"created_at": "2026-04-06T00:07:16.921191Z",
	"updated_at": "2026-04-10T03:24:39.635792Z",
	"deleted_at": null,
	"sha1_hash": "afc9069b018bdfe5af90ac37c99076257e487a3e",
	"title": "US offers $10M for tips on state hackers tied to RedLine malware",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 4920342,
	"plain_text": "US offers $10M for tips on state hackers tied to RedLine malware\r\nBy Sergiu Gatlan\r\nPublished: 2025-06-05 · Archived: 2026-04-05 19:46:58 UTC\r\nThe U.S. Department of State has announced a reward of up to $10 million for any information on government-sponsored\r\nhackers with ties to the RedLine infostealer malware operation and its suspected creator, Russian national Maxim\r\nAlexandrovich Rudometov.\r\nThe same bounty covers leads on state hackers' use of this malware in cyber operations targeting critical infrastructure\r\norganizations in the United States.\r\nThis bounty is posted as part of the Department of State's Rewards for Justice program established by the 1984 Act to\r\nCombat International Terrorism, which rewards informants for tips that help identify or locate foreign government threat\r\nactors behind cyberattacks against U.S. entities.\r\nhttps://www.bleepingcomputer.com/news/security/us-offers-10m-for-tips-on-state-hackers-tied-to-redline-malware/\r\nPage 1 of 4\n\n\"Rewards for Justice is offering a reward of up to $10 million for information leading to the identification or location of any\r\nperson who, while acting at the direction or under the control of a foreign government, participates in malicious cyber\r\nactivities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA),\" the State\r\nDepartment said.\r\n\"Anyone with information on foreign government linked associates of Rudometov, or their malicious cyber activities, or\r\nforeign government-linked use of RedLine malware, should contact Rewards for Justice via the Tor-based tips-reporting\r\nchannel.\"\r\nSince its inception, over $250 million has been paid through this program to more than 125 individuals who provided leads\r\nthat helped protect U.S. 
national security.\r\nRedLine Rewards for Justice poster (U.S. State Department)\r\nMaxim Alexandrovich Rudometov, the suspected developer and administrator of the RedLine infostealer malware operation,\r\nwas charged in October in the United States following a joint international law enforcement action codenamed 'Operation\r\nMagnus.'\r\n\"Rudometov regularly accessed and managed the infrastructure of RedLine Infostealer, was associated with various\r\ncryptocurrency accounts used to receive and launder payments, and was in possession of RedLine malware,\" the Justice\r\nDepartment said at the time.\r\nThe Dutch police, working with international partners, disrupted the RedLine and META malware-as-a-service (MaaS)\r\nplatforms linked to the theft of millions of account credentials. Law enforcement also disrupted their sales channels by\r\nseizing RedLine and META Telegram accounts used to promote malware to buyers.\r\nAdditionally, Eurojust and the Dutch police revealed that the authorities arrested two suspects in Belgium and seized three\r\nservers and two web domains used for command and control operations by the two malware platforms.\r\nIt's unclear if Rudometov was also arrested, but he could face up to 35 years in prison if convicted on counts of access\r\ndevice fraud, conspiracy to commit computer intrusion, and money laundering.\r\nCybersecurity firm ESET, which was also involved in the crackdown operation as a technical advisor and helped map a\r\nnetwork of over 1,200 servers linked to the two malware operations, released an online scanner that helps potential victims\r\ncheck if they are infected by Redline or META malware.\r\nSource: https://www.bleepingcomputer.com/news/security/us-offers-10m-for-tips-on-state-hackers-tied-to-redline-malware/",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/us-offers-10m-for-tips-on-state-hackers-tied-to-redline-malware/"
	],
	"report_names": [
		"us-offers-10m-for-tips-on-state-hackers-tied-to-redline-malware"
	],
	"threat_actors": [
		{
			"id": "77b28afd-8187-4917-a453-1d5a279cb5e4",
			"created_at": "2022-10-25T15:50:23.768278Z",
			"updated_at": "2026-04-10T02:00:05.266635Z",
			"deleted_at": null,
			"main_name": "Inception",
			"aliases": [
				"Inception Framework",
				"Cloud Atlas"
			],
			"source_name": "MITRE:Inception",
			"tools": [
				"PowerShower",
				"VBShower",
				"LaZagne"
			],
			"source_id": "MITRE",
			"reports": null
		}
	],
	"ts_created_at": 1775434036,
	"ts_updated_at": 1775791479,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/afc9069b018bdfe5af90ac37c99076257e487a3e.pdf",
		"text": "https://archive.orkl.eu/afc9069b018bdfe5af90ac37c99076257e487a3e.txt",
		"img": "https://archive.orkl.eu/afc9069b018bdfe5af90ac37c99076257e487a3e.jpg"
	}
}