Law enforcement from nine countries just dealt a coordinated blow to cybercriminals, dismantling three major operations including the Rhadamantys infostealer that had compromised over 100,000 cryptocurrency wallets. The latest 'Operation Endgame' takedown seized more than 1,000 servers but highlights the endless whack-a-mole nature of fighting cybercrime.
The cybersecurity world just witnessed another high-stakes takedown, but don't expect the victory lap to last long. Europol announced that law enforcement agencies from nine countries successfully dismantled three major cybercrime operations in their latest 'Operation Endgame' offensive, seizing over 1,000 servers and dealing a significant blow to international cybercrime networks.
The operation targeted three distinct threats that authorities say 'played key roles in international cybercrime.' The biggest catch was Rhadamantys, an infostealer that had compromised over 100,000 cryptocurrency wallets potentially worth millions of euros. Police also took down the Elysium botnet and VenomRAT, a remote access trojan whose main suspect was arrested in Greece on November 3.
But here's the sobering reality - this latest success story perfectly illustrates why cybersecurity experts describe their work as 'whack-a-mole forever.' Rhadamantys only rose to prominence after authorities took down the popular Lumma infostealer earlier this year, showing how quickly criminal operations adapt and evolve.
'The dismantled malware infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials,' Europol stated in their press release. Many victims didn't even realize their systems were compromised, highlighting how sophisticated these operations have become.
Rhadamantys launched in 2022 with a simple but effective strategy - spreading through malicious Google advertisements before growing through word-of-mouth on underground forums. According to Lumen's Black Lotus Labs, one of the cybersecurity partners in Operation Endgame, the infostealer experienced a 'dramatic uptick' after the Lumma takedown, quickly becoming 'the largest information-stealer malware by volume.'
The numbers tell the story of rapid criminal adaptation. In October alone, Rhadamantys compromised more than 12,000 victims, according to Black Lotus Labs research. Ryan English, a researcher at the firm, told TechCrunch that Rhadamantys 'emerged as the next go-to infostealer' after Lumma went down.
