Infostealer malware campaign threatens oil and gas industry

Sensitive sectors such as oil and gas face a cyber threat.

We are talking about the infostealer Rhadamanthys, a malicious agent distributed under the Malware-as-a-Service (MaaS) model that steals sensitive information from infected devices.

According to expert research, the malware is currently spread through an advanced phishing campaign, which indicates that the cybercriminals have a clear idea of whom to hit and how. As already mentioned, the focus is on entities in the oil and gas industry, with related risks regarding the potential impact on critical infrastructure.

Rhadamanthys is a malicious agent written in C++ that steals different types of data, ranging from FTP logins and e-mail login credentials to the passwords and usernames used to access banking services.

The MaaS Rhadamanthys is a threat to oil and gas supplies

Since its discovery in August 2022, Rhadamanthys has been updated through several releases. Each of them has introduced advanced functions that have made the infostealer increasingly difficult to detect and increasingly effective in the data theft phase.

In this specific campaign, given the sensitive targets involved, the malware could cause enormous damage to oil companies and beyond. Although the industry giants implement advanced systems to detect and prevent infections of this type, cybercriminals appear to have found room for maneuver for a large-scale operation.

The phishing campaign used to spread Rhadamanthys is no different from many other similar ones. Malicious emails are sent by adopting different techniques to bypass provider protections.

Inside the messages there is a PDF file, hosted on a recently created site. Opening the document installs the malware on the device, as confirmed by experts at Cofense. Infostealers and phishing emails have already proven on several occasions to be an extremely dangerous combination.
