Overview
The Rhadamanthys Stealer is spread through a malvertising campaign: Google Ads redirect users to trojanized versions of installers for many popular software packages (examples from the alert: Zoom, AnyDesk, BlueStacks, Notepad++, and Adobe Acrobat). This malware is a “stealer”, developed to steal targeted files, system info, cookies, history, autofill data, passwords, 2FA and password managers, VPNs, mail clients and more.
The malware uses 256-bit AES encryption to communicate with its command and control. Indicators of Compromise (IOCs) are available.
Sources
https://www.pcrisk.com/removal-guides/25643-rhadamanthys-stealer
https://threatmon.io/rhadamanthys-stealer-analysis-threatmon