Meduza Stealer malware admins arrested in Russia
Summary
Russian authorities have arrested three individuals in Moscow for creating and distributing the Meduza Stealer malware. The malware is an information-stealing program that targets account credentials, cryptocurrency wallet data, and other information stored in users' web browsers. The group also developed Aurora Stealer and a botnet malware. The arrests followed an investigation into a May 2025 incident where Meduza operators targeted an institution in Astrakhan, Russia, stealing confidential data from its servers. This breach led to the opening of a criminal case under Part 2, Article 273 of the Russian Criminal Code. The group distributed Meduza through a malware-as-a-service model, offering access in exchange for a subscription fee. The malware was notable for its ability to revive expired Chrome authentication cookies to facilitate account takeovers.
Timeline
- 31.10.2025 15:45 · 1 article
  Meduza Stealer malware admins arrested in Russia
  Russian authorities arrested three individuals in Moscow for creating and distributing the Meduza Stealer malware. The arrests followed an investigation into a May 2025 breach where Meduza operators targeted an institution in Astrakhan, Russia, stealing confidential data. The group also developed Aurora Stealer and a botnet malware. The malware was distributed through a malware-as-a-service model and was notable for its ability to revive expired Chrome authentication cookies.
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
Information Snippets
- Meduza Stealer is an information-stealing malware that targets account credentials, cryptocurrency wallet data, and other information stored in users' web browsers.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
- The malware was distributed through a malware-as-a-service model, where access was provided in exchange for a subscription fee.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
- Meduza Stealer is capable of reviving expired Chrome authentication cookies to facilitate account takeovers.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
- The group behind Meduza Stealer also developed Aurora Stealer, another malware-as-a-service that gained traction in 2022.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
- The arrests were made following a breach in May 2025 where Meduza operators targeted an institution in Astrakhan, Russia, stealing confidential data.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
- The criminal case was opened under Part 2, Article 273 of the Russian Criminal Code for the creation, use, and distribution of malicious computer programs.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45
- The group also developed a botnet malware capable of disabling security protections on target systems.
  First reported: 31.10.2025 15:45 · 1 source, 1 article
  - Alleged Meduza Stealer malware admins arrested after hacking Russian org — www.bleepingcomputer.com — 31.10.2025 15:45