Overview
- Interior Ministry footage shows Rosgvardiya-led raids breaking down doors and seizing devices, bank cards and other evidence.
- Police say the suspects began developing Meduza about two years ago and distributed it via hacker forums.
- Meduza was sold as a malware-as-a-service infostealer that harvests credentials and crypto wallet data and can revive expired Chrome cookies for account takeovers.
- Investigators allege the detainees also created malware designed to disable security protections and build botnets.
- Authorities opened a criminal case under Part 2, Article 273 and say further suspects and incidents are being identified.