Recently, Cyble came across a new strain of malware called “Rhadamanthys Stealer.” This stealer variant is active, and the TA behind the malware stealer is selling this under the Malware as a Service (MaaS) model.
Rhadamanthys stealer spreads by using Google Ads that redirect the user to phishing websites that mimic popular software such as Zoom, AnyDesk, Notepad++, Bluestacks, etc. It can also spread via spam email containing an attachment for delivering the malicious payload.
Rhadamanthys: New Stealer Spreading Through Google Ads