New AI boosts Rhadamanthys malware capabilities


The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware. This includes the use of artificial intelligence (AI) for optical character recognition (OCR). It is part of what’s called “Seed Phrase Image Recognition.”

This enhancement allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, which makes it a potent threat for anyone dealing in cryptocurrencies.

According to an analysis by Recorded Future’s Insikt Group, Rhadamanthys can recognize seed phrase images on the client side and then send them back to the command-and-control (C2) server for further exploitation.

Rhadamanthys was first discovered in the wild in September 2022. It has emerged as one of the most powerful information stealers available under the malware-as-a-service (MaaS) model. The developer of the malware, known as “kingcrete,” continues to market new versions on platforms like Telegram, Jabber, and TOX, despite bans from underground forums like Exploit and XSS for targeting entities within Russia and the former Soviet Union.

The malware is sold on a subscription basis for $250 per month or $550 for 90 days. Rhadamanthys allows its users to harvest a wide range of sensitive information from compromised hosts, including system information, credentials, cryptocurrency wallets, browser passwords, cookies, and data stored in various applications.

New AI enhances Rhadamanthys features

The malware also employs evasion techniques to complicate analysis efforts within sandboxed environments.

Version 0.7.0 of Rhadamanthys, released in June 2024, significantly improves upon its predecessor 0.6.0, which was launched in February 2024. The latest version includes a complete rewrite of both client-side and server-side frameworks. This enhances the program’s execution stability.

Additionally, it features 30 wallet-cracking algorithms, AI-powered graphics, and PDF recognition for phrase extraction. The text extraction capability has also been enhanced to identify multiple saved phrases.

The malware now includes a feature that allows threat actors to run and install Microsoft Software Installer (MSI) files, which helps evade detection by security solutions installed on the host. It also has a setting to prevent re-execution within a configurable time frame.

A noteworthy aspect of Rhadamanthys is its plugin system, which can augment its capabilities with keylogger, cryptocurrency clipper, and reverse proxy functionalities.

“Rhadamanthys is a popular choice for cybercriminals,” Recorded Future stated. “Coupled with its rapid development and innovative new features, it is a formidable threat all organizations should be aware of.”


Sophia Chen
