Security Updates

Malvertising via Google Ads Used to Spread Rhadamanthys Stealer

January 13, 2023

Overview

The Rhadamanthys Stealer is a malvertising campaign, spreading across the internet via Google Ads which redirect users to trojanized versions of installers for many popular software packages (ex from alert: Zoom, AnyDesk, BlueStacks, Notepad++, and Adobe Acrobat.) this malware is a “stealer” type of malware, developed to steal targeted files, system info, cookies, history, autofill’s, passwords, 2FA and password managers, VPNs, Mail Clients and more.The malware utilizes AES 256-bit encryption to communicate with its command and control. There are Indicators of Compromise (IOC) available.

Sources

https://socprime.com/blog/rhadamanthys-malware-detection-new-infostealer-spread-via-google-ads-spam-emails-to-target-crypto-wallets-and-dump-sensitive-information/

https://www.pcrisk.com/removal-guides/25643-rhadamanthys-stealer

https://threatmon.io/rhadamanthys-stealer-analysis-threatmon

Request a Consultation

"*" indicates required fields

Share with Your Network

Request a Consultation

"*" indicates required fields

Join Our Newsletter

M.A. Polce Locations

ROME • (315) 338-0388

401 Phoenix Drive
Rome, NY 13441

SOC 2® – SOC for Service Organizations: Trust Services Criteria

Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

Malvertising via Google Ads Used to Spread Rhadamanthys Stealer

Overview

Sources

Request a Consultation

Share with Your Network

Request a Consultation

M.A. Polce Locations

SOC 2® – SOC for Service Organizations: Trust Services Criteria

Quick Links

Upcoming Webinar:

The Many Sides of Cybersecurity

Download the "How Strong is Your Cybersecurity Culture?" Checklist!