Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads
Briefly

"The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. "Rhadamanthys was initially promoted through posts on cybercrime forums, but soon it became clear that the author had a more ambitious plan to connect with potential customers and build visibility," Check Point researcher Aleksandra "Hasherezade" Doniec said in a new report."
"Rhadamanthys is available in three tiered packages, starting from $299 per month for a self-hosted version to $499 per month that comes with additional benefits, including priority technical support, server, and advanced API access. Prospective customers can also purchase an Enterprise plan by directly contacting their sales team. "The combination of the branding, product portfolio, and pricing structure suggest that the authors treat Rhadamanthys as a long-term business venture rather"
Rhadamanthys is a commercial information stealer distributed under a malware-as-a-service model; its current version is 0.9.2. The operator markets the companion tools Elysium Proxy Bot and Crypt Service and has rebranded as RHAD security and Mythical Origin Labs. The stealer collects device and web browser fingerprints and integrates AI-based OCR capabilities to capture cryptocurrency wallet seed phrases. Distribution began on cybercrime forums and evolved into broader customer outreach. The offering is sold in tiered packages from $299 to $499 per month, with enterprise options, support, and advanced API access, indicating a professionalized criminal business model.
Read at The Hacker News