Info Stealer

Rhadamanthys

First seen: 2022-09 • Status: active

Currently Active Threat

Rhadamanthys is a sneaky password stealer that is hard for antivirus to catch. It specifically targets cryptocurrency users and steals wallet information along with browser passwords.

Overview

Rhadamanthys is an advanced information stealer written in C++ with sophisticated evasion capabilities. It targets cryptocurrency wallets, browser data, and various credentials.

Also Known As

Rhadamanthys Stealer

How It Spreads

  • Google Ads malvertising
  • Phishing emails
  • Fake software downloads
  • SEO poisoning

What It Does

  • Steals cryptocurrency wallet data
  • Extracts browser passwords and cookies
  • Harvests FTP and email credentials
  • Takes screenshots

Target Platforms

Windows 10, Windows 11

Detection Tips

  • Monitor for process injection techniques
  • Watch for clipboard monitoring

MITRE ATT&CK Techniques

T1555, T1113, T1005

If You're Infected

  1. Isolate infected system
  2. Move crypto assets to new wallets immediately
  3. Reset all credentials
