Key Insights: The Evolving Threat: The Rhadamanthys stealer, a multi-layered malware, is now available in its latest iteration, version 0.5.0, enhancing its capabilities and introducing new spying functions.
Check Point Research's Expert Analysis: CPR provides a detailed breakdown of the stealer's components, offering insights into how they operate and their potential impact.
Rhadamanthys, an advanced information stealer, is known for its multifaceted modules and layered design.
This malware, believed to have evolved from the Hidden Bee family, demonstrates significant technical sophistication.
Diverse Stub Construction: Enhanced adaptability with various shellcode and .NET frameworks, improving its evasion and infection capabilities.
Enhanced Execution Process: A complete rewrite of the client execution process, rectifying previous bugs and improving reliability.
Expanded Wallet Support: Improved cracking algorithms for a range of digital wallets.
The power of Rhadamanthys lies in its modular design.
It supports multiple scripting languages, such as Lua and PowerShell, making it highly adaptable and dangerous.
This version is not just a stealer but is evolving into a multipurpose bot, equipped with keyloggers and system information collectors.
Rhadamanthys is rapidly advancing, aiming to be a major player in the malware market.
Its ongoing development indicates its potential to remain a significant threat.
Check Point's XDR/XPR quickly identifies the most sophisticated attacks by correlating events across your entire security estate and combining them with behavioral analytics, real-time proprietary threat intelligence from Check Point Research and ThreatCloud AI, and third-party intelligence.
Comprehensive Prevention Across Your Entire Security Estate - endpoints, network, mobile, email and the cloud.
Check Point Threat Emulation provides comprehensive coverage of attack tactics, file types, and operating systems and has developed and deployed a signature to detect and protect customers against threats described in this research.
Check Point's Harmony Endpoint provides comprehensive endpoint protection at the highest security level, crucial to avoid security breaches and data compromise.
Behavioral Guard protections were developed and deployed to protect customers against threats described in this research.
Conclusion: As Rhadamanthys continues to evolve, staying informed and protected is crucial.
The work done by Check Point Research is invaluable in understanding and mitigating these threats, ensuring safety in the digital world.
This Cyber News was published on blog.checkpoint.com. Publication date: Thu, 14 Dec 2023 13:43:05 +0000