An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years.
Hambardzum Minasyan was arrested on Monday, March 23, and appeared in federal court in Austin on Tuesday, when U.S. prosecutors accused him of registering virtual private servers that were part of RedLine’s infrastructure and two web domains used during RedLine attacks.
He also allegedly registered a cryptocurrency account in November 2021 that the RedLine cybercrime gang used to receive affiliate payments and created online file-sharing repositories used to distribute the malware to affiliates.
“Hambardzum Minasyan allegedly conspired with others to enrich himself by developing and administering RedLine, one of the most prevalent infostealing malware variants in the world, which has previously been used to conduct intrusions against major corporations,” the Justice Department said on Wednesday. “When executed, RedLine would steal data, including access devices, from victims’ computers.”
With the help of other accomplices, Minasyan managed the operation’s digital infrastructure, including administrative panels and command-and-control (C2) servers that affiliates used to deploy the info stealer to victims’ compromised devices.
The conspirators also allegedly provided support to actual and potential RedLine affiliates, answering their questions and requests, and conspired to steal financial information from infected systems, laundering the illegally obtained funds through cryptocurrency exchanges and other methods.
Minasyan is now facing access device fraud, Computer Fraud and Abuse Act violation, money laundering conspiracy charges, and a maximum of 30 years in prison if convicted.
In October 2024, the Dutch National Police seized the network infrastructure for the Redline malware-as-a-service (MaaS) platform, working with international partners in a joint action named “Operation Magnus.”
The United States also charged Russian national Maxim Alexandrovich Rudometov, the suspected developer and administrator of the RedLine operation, who could face up to 35 years in prison if convicted on counts of access device fraud, conspiracy to commit computer intrusion, and money laundering.
More recently, in June 2025, the U.S. Department of State announced a reward of up to $10 million for information leading to the arrest of government-sponsored hackers linked to the RedLine operation and its suspected creator.
Red Report 2026: Why Ransomware Encryption Dropped 38%
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
Related Articles:
New Torg Grabber infostealer malware targets 728 crypto wallets
Fake enterprise VPN sites used to steal company credentials
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
Arkanix Stealer pops up as short-lived AI info-stealer experiment
Infostealer malware found stealing OpenClaw secrets for first time