Threat Snapshot 2 Blurring Boundaries 3 Vulnerability Intelligence 4 Stolen Access Credentials 6 Tips 7 24 Ransomware 5 Key Findings 1

Impact of law enforcement operations

RedLine is a well-established info-stealing malware that has been active since 2020 and highly popular among threat actors. Its network infrastructure was seized by the Dutch National Police, in cooperation with other law enforcement agencies, as part of Operation Magnus, which was carried out in late October 2024. As a result, the number of sales ads mentioning RedLine is expected to decline further in 2025.

Moreover, the fall of RedLine (as well as the Meta infostealer, which was also seized as part of Operation Magnus) could pave the way for new info-stealing malware to gain prominence. This was the case with the Lumma stealer, which emerged in early 2023, was mentioned in only 11% of sales ads published in 2023, and in 2024 became the most prominent stealer (mentioned in approximately half of all sales ads published throughout the year).

How LUMINAR helps:

LUMINAR provides a variety of advanced capabilities for dealing with the threat of stolen access credentials:

+ Detection of sales ads of stolen access credentials associated with the organization that are published on dedicated dark web marketplaces, via the Attack Surface Management module
+ A dedicated module that collects and presents details of stolen access credentials associated with the organization in a timely manner, to uncover indications of a potential internal breach