Rhadamanthys: The new stealer making WAVs in the eCrime landscape
In September 2022, Rhadamanthys first appeared in the eCrime landscape, with detailed forum posts that continue to capture the attention of both threat actors and security researchers. The malware itself is technically complex, utilizing a multi-stage infection chain, compression, encoding, steganography, and encryption to make analysis and detection more difficult.
This presentation provides a summary of Rhadamanthys’ components. The talk will also dive into how the Rhadamanthys developer positions themselves in the market, focusing on their early efforts to develop a customer base by focusing on ease of use and customer support. Using CrowdStrike telemetry, we will also look at statistics on the various distribution vectors for Rhadamanthys.
The audience will gain a better understanding of Rhadamanthys’ technical workings, and gain insights on how to hunt for the malware and reduce potential impact.