The Evolution of Rhadamanthys Malware: A Powerful Information Stealer

The Rhadamanthys information stealer malware has been evolving with new features and a plugin system that allows for customization, making it a versatile threat. It is distributed through malicious websites and can harvest sensitive information from compromised hosts, including web browsers, crypto wallets, email clients, VPNs, and instant messaging apps. The malware's development shows similarities to the Hidden Bee coin miner, indicating a fast-paced and ongoing evolution. The current version, 0.5.2, includes a new plugin system that enables customers to deploy additional tools tailored to their targets. Additionally, the malware uses a Lua script runner to extract information from various sources and has added clipper functionality to divert cryptocurrency payments. The findings coincide with the discovery of new AsyncRAT infection chains that use a legitimate Microsoft process to deploy a remote access trojan (RAT) via phishing attacks.
- Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges (The Hacker News)
- Rhadamanthys Stealer malware evolves with more powerful features (BleepingComputer)
- Rhadamanthys v0.5.0 - a deep dive into the stealer's components (Check Point Research)
- Malware dubbed 'Rhadamanthys' updated to exact more misery (SC Media)
- Rhadamanthys - A Fast-evolving Multi-layer Malware Sold on The Dark Web (CybersecurityNews)