New features of the stealer make it a universal tool for every user.
According to a new report from Check Point Research, the Rhadamanthys infostiler has received a significant update to version 0.5.0, adding a number of new features and improvements. Rhadamanthys now has a multi-level structure and a variety of modules.
The latest update includes a surveillance mode, enhanced template building capabilities for various use cases, and improved execution of the client process. We also fixed bugs in the system function call code and support for various cryptocurrency wallets, including Metamask and Binance. Developers have improved their hacking algorithms and added support for new data types.
A key innovation was the addition of string obfuscation and the use of Thread Local Storage for temporary buffers, which allows you to hide lines of code from analytical tools. The implementation of various obfuscation algorithms indicates an increased level of protection against detection.
The netclient module responsible for communicating with the Command and Control (C2) server has been significantly modified. It now uses sophisticated mechanisms to bypass analysis and track actions.
Special attention is paid to protection against analysis and monitoring, including checking for prohibited processes and bypassing browser protection. In addition, new components for secondary development have been added to Rhadamanthys, allowing customers to create their own plugins.
Version 0.5.1, released after the publication of the Check Point article, introduced even more features, including the Clipper module for tracking the clipboard and replacing wallet addresses with malicious addresses. We also improved our work with Telegram notifications and support for restoring Google account cookies.
Rhadamanthys developers are actively working to improve their product, making it not only a powerful tool for data theft, but also a universal bot that can perform many tasks. The latest update is another step in the development of complex and multifunctional malware.
According to a new report from Check Point Research, the Rhadamanthys infostiler has received a significant update to version 0.5.0, adding a number of new features and improvements. Rhadamanthys now has a multi-level structure and a variety of modules.
The latest update includes a surveillance mode, enhanced template building capabilities for various use cases, and improved execution of the client process. We also fixed bugs in the system function call code and support for various cryptocurrency wallets, including Metamask and Binance. Developers have improved their hacking algorithms and added support for new data types.
A key innovation was the addition of string obfuscation and the use of Thread Local Storage for temporary buffers, which allows you to hide lines of code from analytical tools. The implementation of various obfuscation algorithms indicates an increased level of protection against detection.
The netclient module responsible for communicating with the Command and Control (C2) server has been significantly modified. It now uses sophisticated mechanisms to bypass analysis and track actions.
Special attention is paid to protection against analysis and monitoring, including checking for prohibited processes and bypassing browser protection. In addition, new components for secondary development have been added to Rhadamanthys, allowing customers to create their own plugins.
Version 0.5.1, released after the publication of the Check Point article, introduced even more features, including the Clipper module for tracking the clipboard and replacing wallet addresses with malicious addresses. We also improved our work with Telegram notifications and support for restoring Google account cookies.
Rhadamanthys developers are actively working to improve their product, making it not only a powerful tool for data theft, but also a universal bot that can perform many tasks. The latest update is another step in the development of complex and multifunctional malware.
