Rhadamanthys Stealer
Also known as: Rhadamanthys
Rhadamanthys is an advanced, modular infostealer sold as malware-as-a-service that steals credentials, cookies, cryptocurrency wallets, and documents. It is known for sophisticated evasion, a plugin architecture, and the ability to extract data from a wide range of applications.
What is Rhadamanthys?
Rhadamanthys is a feature-rich infostealer that markets advanced capabilities to subscribers. It uses a modular, plugin-based design and incorporates evasion and anti-analysis techniques that make it a higher-end option in the stealer market.
Capabilities
Beyond standard credential and cookie theft, Rhadamanthys can grab cryptocurrency wallets, documents, and application secrets, and supports additional modules. Its operators frequently update it, and it has been distributed through malvertising and phishing.
VantaPrism tracks advanced families like Rhadamanthys, parsing their logs so that exposures from more sophisticated stealers are surfaced with the same speed as high-volume commodity families.
Frequently Asked Questions
Why is Rhadamanthys considered advanced?
Related Terms
Infostealer malware is a category of malicious software designed to silently harvest sensitive data — passwords, sess…
A stealer log is the package of data exfiltrated from a single device by infostealer malware. It typically contains s…
Lumma Stealer (LummaC2) is a malware-as-a-service infostealer that steals browser credentials, cookies, cryptocurrenc…
Malware-as-a-service (MaaS) is a criminal business model in which malware authors rent or sell their software, infras…
Cookie theft is the stealing of browser cookies — especially authenticated session cookies — so attackers can imperso…