Threat actors are establishing fraudulent websites for popular free and open-source software in order to promote malicious downloads via advertisements present in the Google search result.
The info-stealing malware Rhadamanthys uses Google advertisements as a means of luring people into downloading malicious software. The malware steals information including email addresses and passwords in addition to focusing on cryptocurrency wallet credentials.
Rhadamanthys is sold to criminals as malware-as-a-service (MaaS), and its utility has multiplied as infostealers become a popular tactic to attack targets.
As of yet, at least one prominent user on the cryptocurrency scene has fallen prey following the malware campaign. According to the victims, the hackers had stolen all their digital crypto assets, along with having access to their professional and personal accounts.
What is Rhadamanthys?
According to threat researcher Germán Fernández, Rhadamanthys, named after the demigod child of Zeus and Europa in Greek mythology, has been dominating Google advertising for the widely used OBS (Open Broadcasting Tool) platform, a free video recording, and streaming service.
Since November 2022, Rhadamanthys’ popularity has been growing rapidly. It has now advanced to a point where, if an online user searches for an OBS, they will eventually encounter five malicious ads at the apex of thei
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: