Police take down three cybercrime operations in latest round of ‘whack-a-mole’

An planetary conjugation of instrumentality enforcement agencies coordinated by Europol targeted and took down 3 cybercrime operations successful its latest circular of what authorities telephone “Operation Endgame.”

In a property release, Europol said that the constabulary cognition targeted the infostealing malware Rhadamanthys, a botnet called Elysium, and the distant entree trojan VenomRAT. The authorities accidental each 3 “played a cardinal relation successful planetary cybercrime.” Police seized much than 1,000 servers arsenic portion of the operation. 

Europol said constabulary arrested the unnamed “main suspect” down VenomRAT successful Greece connected November 3.

“The dismantled malware infrastructure consisted of hundreds of thousands of infected computers containing respective cardinal stolen credentials,” the property merchandise read. “Many of the victims were not alert of the corruption of their systems.”

According to Europol, the main fishy down Rhadamantys had entree to implicit 100,000 crypto wallets, “potentially worthy millions of euros.”

As an infostealer, Rhadamantys is designed to bargain assorted kinds of accusation from infected devices, including passwords and cryptocurrency wallet keys. Rhadamantys spiked successful popularity successful October aft authorities took down the fashionable infostealer Lumma earlier successful the year, showing that aft takedowns, criminals accommodate by utilizing antithetic hacking tools that mightiness beryllium little known astatine the time.

When Rhadamantys launched successful 2022, it initially relied connected spreading done malicious Google advertisements, and aboriginal grew acknowledgment to word-of-mouth connected underground forums, according to Lumen’s Black Lotus Labs, 1 of the cybersecurity manufacture partners successful Operation Endgame. 

The steadfast wrote successful a blog post that Rhadamantys had a “dramatic uptick” and a “consistent emergence successful the fig of victims” aft the Lumma takedown, making it “the largest information-stealer malware by volume.” In October, the infostealer had compromised much than 12,000 victims, according to the firm.

Ryan English, a researcher astatine Black Lotus Labs, told TechCrunch that Rhadamantys “emerged arsenic the ‘next’ go-to infostealer” aft Lumma went down.

“We cognize that others volition instrumentality their place, truthful we conscionable support tracking to spot who’s emerging from that,” said English, adding that instrumentality enforcement and the wider manufacture “can lone bash truthful overmuch astatine immoderate time.” 

“So successful a precise existent sense, it’s whack-a-mole forever,” said English.