Russian police said they detained three hackers suspected of creating and promoting the Meduza Stealer malware in a rare crackdown on domestic cybercrime.
The suspects were arrested in Moscow and the surrounding area, Russia’s Interior Ministry spokesperson Irina Volk said in a press release on Thursday.
The three “younger IT specialists” are suspected of creating, using and promoting malicious software designed to steal login credentials, cryptocurrency wallet data and other sensitive information, she added.
Police said they seized computer equipment, phones, and bank cards during raids on the suspects’ homes. A video released by the Interior Ministry shows officers breaking down doors and storming into residences. When asked by police why he had been detained, one suspect replied in Russian, “I don’t actually perceive.”
Officials said the suspects began distributing Meduza Stealer through hacker forums roughly two years ago. In one incident earlier this year, the group allegedly used the malware to steal data from a company in Russia’s Astrakhan region.
Authorities said the group also created another type of malware designed to disable antivirus protection and build botnets for large-scale cyberattacks. That malware was not identified. The three face up to four years in prison if convicted.
Meduza Stealer first appeared in 2023, sold on Russian-language hacking forums and Telegram channels as a service for a fee. It has since been used in cyberattacks targeting both personal and financial data.
Ukrainian officials have previously linked the malware to attacks on domestic military and government entities. In one campaign last October, threat actors used a fake Telegram “technical assist” bot to distribute the malware to users of Ukraine’s government mobilization app.
Researchers have also observed Meduza Stealer infections in Poland and inside Russia itself — including one 2023 campaign that used phishing emails impersonating an industrial automation company.
Russia’s law enforcement agencies rarely pursue cybercriminals operating inside the country. But researchers say that has begun to change.
According to a recent report by Recorded Future’s Insikt Group, Moscow’s stance has shifted “from passive tolerance to energetic administration” of the hacking ecosystem — a strategy that includes selective arrests and public crackdowns intended to strengthen state authority while preserving useful expertise.
Such moves mark a notable shift in a country long seen as a safe haven for financially motivated hackers. Researchers say many of these actors are now decentralizing their operations to evade both Western and domestic surveillance.
The Record is an editorially independent unit of Recorded Future.