CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits
Nov. 6, 2024, 8:33 p.m.
Description
A large-scale phishing campaign deploying the latest version of Rhadamanthys stealer (0.7) has been discovered. The campaign, dubbed CopyRh(ight)adamantys, uses copyright infringement claims to target various regions globally. It impersonates numerous companies, mainly from Entertainment/Media and Technology/Software sectors, sending tailored emails to specific entities. The campaign's sophistication suggests the use of automation and possibly AI tools for lure distribution. The latest Rhadamanthys version claims to include AI-powered text recognition, though analysis reveals it uses older machine learning techniques typical of OCR software. The campaign's wide targeting and tactics indicate it's likely orchestrated by a financially motivated cybercrime group rather than a nation-state actor.
Date
Published: Nov. 6, 2024, 6:33 p.m.
Created: Nov. 6, 2024, 6:33 p.m.
Modified: Nov. 6, 2024, 8:33 p.m.
Attack Patterns
Rhadamanthys
T1012
T1552
T1497
T1087
T1573
T1518
T1082
T1083
T1071
T1055
T1134
T1204
T1132
T1027
T1112
T1056
T1001
T1566
T1059
Additional Information
Technology
Entertainment
Media
United States of America