International authorities and private tech companies have disrupted a cybercrime 'assembly line' that collected millions of login credentials and stole over $47 million. The operation targeted two unrelated tools: Amadey, a malware-as-a-service platform, and StealC, an infostealer-as-a-service platform.
Amadey has been observed since 2018, compromising devices and delivering malicious payloads for ransomware and scams. StealC collects credentials, authentication cookies, and cryptocurrency wallets.
The simultaneous disruption of both tools severes a critical link in the cybercrime chain, as many customers used both tools in their activities, relying on the same underlying infrastructure.
