CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits

Description

A large-scale phishing campaign deploying the latest version of Rhadamanthys stealer (0.7) has been discovered. The campaign, dubbed CopyRh(ight)adamantys, uses copyright infringement claims to target various regions globally. It impersonates numerous companies, mainly from Entertainment/Media and Technology/Software sectors, sending tailored emails to specific entities. The campaign's sophistication suggests the use of automation and possibly AI tools for lure distribution. The latest Rhadamanthys version claims to include AI-powered text recognition, though analysis reveals it uses older machine learning techniques typical of OCR software. The campaign's wide targeting and tactics indicate it's likely orchestrated by a financially motivated cybercrime group rather than a nation-state actor.