
Rhadamanthys malware: the new version is even more dangerous

The Rhadamanthys malware has been a known threat among professionals for some time. It is an infostealer with a "multi-layer" structure, probably derived from an older piece of malware (i.e. Hidden Bee), which works through several modules combined together.

It is built around an advanced and customizable plugin system, which makes the malware usable in different campaigns and contexts depending on the needs of the cybercriminals who use it.

The malware is sold on clandestine forums and hacker meeting places and, because it is Malware-as-a-Service, it is often updated by its creators.

The latest version of Rhadamanthys is causing some apprehension among security experts. With version 0.5.0, the malware has increased its data theft capabilities and also introduced other features related to possible espionage.

Rhadamanthys version 0.5.0: more aggressive with crypto wallets and features a new keylogger function

What does version 0.5.0 of Rhadamanthys introduce? Given the MaaS nature of the infostealer, the creator himself advertises its improvements.

In the document offered to potential customers, released at the beginning of October, the hacker presents several new features, such as the addition of an observer mode, probably useful for espionage. Apparently, the process that runs the client has been completely rewritten, fixing some bugs that caused crashes in the previous version.

Not only that: Rhadamanthys is now much more effective at attacking crypto wallets. At present, the malware can interact with various services of this type, including:

  • UniSat Wallet
  • Tronlink
  • Trust
  • Terra Station
  • TokenPocket
  • Phantom
  • Metamask
  • KardiaChain
  • Exodus Desktop
  • Exodus Web3
  • Binance.

Other improvements concern the acquisition of Discord tokens, better interaction with web browsers, and the introduction of a keylogger function. The keylogger allows the hacker using the malware to record the keystrokes typed by the victim.
