CyberSecurityBoard
Sponsor Register Login

Rhadamanthys information stealer introduces AI-driven capabilities

The malware allows operators to harvest a broad range of information, including system information, credentials, cryptocurrency wallets, browser passwords, cookies, and data stored in various applications. “This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in cryptocurrencies.” reads the report published by Recorded Future’s Insikt Group. Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. The malware was first identified in 2022, and since then it has been upgraded with advanced features, the latest version 0.7.0 introduces AI-driven capabilities for extracting cryptocurrency seed phrases from images. This category only includes cookies that ensures basic functionalities and security features of the website. The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). It is mandatory to procure user consent prior to running these cookies on your website. Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. The malware is developed by a threat actor known as “kingcrete2022ˮ that advertises the info stealer on multiple hacking forums, including XSS, Exploit, Best Dark, Opencard, and Center-Club. Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. The infostealer can steal credentials, system information, and financial data from infected systems, it supports sophisticated evasion techniques, including MSI installer disguise. This website uses cookies to improve your experience while you navigate through the website. Necessary cookies are absolutely essential for the website to function properly. “Knowing the mutex values and that Rhadamanthys will terminate if they are present enables the creation of a killswitch/vaccine.” continues the report.

This Cyber News was published on securityaffairs.com. Publication date: Wed, 02 Oct 2024 14:13:06 +0000


Cyber News related to Rhadamanthys information stealer introduces AI-driven capabilities

Rhadamanthys Stealer malware evolves with more powerful features - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
1 year ago Bleepingcomputer.com
New Rhadamanthys stealer version enhances features, evasion - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
1 year ago Bleepingcomputer.com
Unveiling the New Threats: Rhadamanthys v0.5.0 A Research Overview by Check Point Research - Key Insights: The Evolving Threat: The Rhadamanthys stealer, a multi-layered malware, is now available in its latest iteration, version 0.5.0, enhancing its capabilities and introducing new spying functions. Check Point Research's Expert Analysis: ...
1 year ago Blog.checkpoint.com
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition - Rhadamanthys and Lumma, alongside other stealer malware families like Meduza, StealC, Vidar, and WhiteSnake, have also been found releasing updates in recent weeks to collect cookies from the Chrome web browser, effectively bypassing newly introduced ...
4 months ago Thehackernews.com
Rhadamanthys information stealer introduces AI-driven capabilities - The malware allows operators to harvest a broad range of information, including system information, credentials, cryptocurrency wallets, browser passwords, cookies, and data stored in various applications. “This allows Rhadamanthys to extract ...
4 months ago Securityaffairs.com
'Ov3r Stealer' Malware Spreads Through Facebook to Steal Crates of Info - The malware by design exfiltrates specific types of data such as geolocation, hardware info, passwords, cookies, credit card information, auto-fills, browser extensions, crypto wallets, Office documents, and antivirus product information, according ...
11 months ago Darkreading.com
RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool - A new version of the ScrubCrypt obfuscation tool is being used to target organizations with the RedLine Stealer malware, fraud sensor network Human Security has warned. Human's Satori Threat Intelligence Team said it has uncovered the new build of ...
1 year ago Infosecurity-magazine.com
Facebook ads push new Ov3r Stealer password-stealing malware - A new password-stealing malware named Ov3r Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. The fake job ads are for management positions and lead users to a Discord URL where a ...
11 months ago Bleepingcomputer.com
Multi-layer Malware Sold on The Dark Web - Threat actors make use of fast-evolving multi-layer malware for their complexity and sophistication, as they offer the ability to rapidly adapt and change their code. To make analysis and countermeasures more difficult, this sophisticated type of ...
1 year ago Cybersecuritynews.com
Fake Browser Updates Targeting Mac Systems With Infostealer - A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems. Experts say this could be the ...
1 year ago Darkreading.com
MacOS info-stealers quickly evolve to evade XProtect detection - Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently. A report by SentinelOne highlights the problem through three ...
1 year ago Bleepingcomputer.com
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges - A new Golang-based information stealer malware, dubbed Titan Stealer, is being advertised by threat actors through their Telegram channel. Uptycs security researchers Karthickkumar Kathiresan and Shilpesh Trivedi first documented the malware in ...
2 years ago Thehackernews.com
Hackers Use Google Ads to Install Malware - NET malware loaders that were disseminated via malvertising attacks was discovered by SentinelLabs. The loaders, known as MalVirt, leverage the Windows Process Explorer driver for process termination together with obfuscated virtualization for ...
1 year ago Cybersecuritynews.com
Deceptive Cracked Software Spreads Lumma Variant on YouTube - FortiGuard Labs recently discovered a threat group using YouTube channels to distribute a Lumma Stealer variant. These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and ...
1 year ago Feeds.fortinet.com
Serpent Stealer Acquire Browser Passwords and Erases Logs - Beneath the surface of the cyber realm, a silent menace emerges-crafted with the precision of the. NET framework, the Serpent Stealer slithers undetected through security measures, leaving traces of its intrusion. It can also steal sensitive data, ...
1 year ago Gbhackers.com
ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware's Prevalence - Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK ...
1 year ago Techrepublic.com
Lumma malware can allegedly restore expired Google auth cookies - The Lumma information-stealer malware is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. Session cookies are specific web cookies used to allow a browsing ...
1 year ago Bleepingcomputer.com
Driven Technologies Expands Expertise With Acquisition of ieMentor - PRESS RELEASE. NEW YORK, Jan. 3, 2024 /PRNewswire/ - Driven Acquisition Inc, DBA Driven Technologies, a NY based leading cybersecurity and cloud service provider, today announced the acquisition of ieMentor, a Cisco Gold Partner with multiple ...
1 year ago Darkreading.com
Sophisticated macOS Infostealers Get Past Apple's Built-In Detection - Increasingly sophisticated infostealers are targeting macOS with the capability to evade Apple's built-in malware protection, as attackers are becoming more savvy about how to crack static signature-detection engines like the platform's proprietary ...
1 year ago Darkreading.com
Stealing Browser Passwords & Cookies - A new malicious campaign, Editbot Stealer, was discovered in which threat actors use WinRAR archive files with minimal detection to perform a multi-stage attack. The malicious WinRAR archive used by the threat actors consists of a.bat file and a JSON ...
1 year ago Cybersecuritynews.com
MrAnon Stealer Spreads via Email with Fake Hotel Booking PDF - FortiGuard Labs recently identified an email phishing campaign using deceptive booking information to entice victims into clicking on a malicious PDF file. The PDF downloads a.NET executable file created with PowerGUI and then runs a PowerShell ...
1 year ago Feeds.fortinet.com
MrAnon Stealer Propagates via Email with Fake Hotel Booking PDF - FortiGuard Labs cybersecurity experts have discovered a sophisticated email phishing scheme that uses fraudulent hotel reservations to target unsuspecting victims. The phishing campaign involves the deployment of an infected PDF file, which sets off ...
1 year ago Cysecurity.news
Game mod on Steam breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
1 year ago Bleepingcomputer.com
Steam game mod breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
1 year ago Bleepingcomputer.com
Windows SmartScreen flaw exploited to drop Phemedrone malware - A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability to bypass Windows security prompts when opening URL files. Phemedrone is a new open-source info-stealer malware that harvests data stored in ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)