Rhadamanthys Update
2025-10-15 05:10:53

Check Point Research Unveils New Version of Rhadamanthys Malware with Advanced Evasion Techniques

Introduction to Rhadamanthys 0.9.2



Check Point Research (CPR), a leading cybersecurity firm, has confirmed the release of an upgraded version of the notorious information-stealing malware Rhadamanthys, now designated version 0.9.2. This update introduces advanced evasion techniques intended to bypass conventional detection methods, making it substantially harder for cybersecurity professionals to monitor and mitigate its impact.

Key Highlights


  • The latest iteration, Rhadamanthys 0.9.2, includes modifications that disable existing security tools and introduces state-of-the-art evasion techniques.
  • The threat actors behind this malware have rebranded themselves as RHAD Security / Mythical Origin Labs and have launched a sophisticated website offering a range of products.
  • New technical elements include innovative payload delivery methods utilizing PNG files, encryption updates, enhanced capabilities to detect advanced sandbox environments, customizable process injections, and new targeting of the Ledger Live cryptocurrency wallet.

Understanding the Threat


Rhadamanthys first surfaced in late 2022 within underground forums and quickly gained notoriety as a widely utilized information-stealing malware. It was initially available via subscription, with pricing that ranges from $299 per month to enterprise packages, making it accessible to various cybercriminals.

This malware is capable of stealing sensitive information, including authentication credentials, browser data, files, and cryptocurrency wallets, exacerbating the risks faced by businesses and individuals alike. Over time, the attackers have constructed an extensive ecosystem around Rhadamanthys, complete with branding (RHAD Security), professional-looking websites, and even support channels, indicating that this is no ordinary malware but rather a full-fledged criminal enterprise.

Evolving Brand Identity


Initially advertised through underground forums, the operators of Rhadamanthys quickly expanded their outreach to include Telegram support channels, TOR sites, and direct contact methods. Following the latest release, the website has undergone a complete overhaul, projecting a refined, professional appearance. The group’s branding as

