A major international law enforcement operation has dealt a significant blow to cybercrime activities involving the Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet, Europol announced on Thursday.
The action, part of the long-running Operation Endgame, involved authorities in the United States, Australia, Canada, and eight European countries, as well as several cybersecurity companies and non-profit organizations.
The latest takedown efforts, dubbed Operation Endgame 3.0, have targeted Rhadamanthys, VenomRAT, and Elysium, which authorities have described as “three large cybercrime enablers”.
Law enforcement searched 11 locations in Germany, Greece, and the Netherlands. One individual was arrested in Greece over his alleged role in the operation of the VenomRAT malware.
On the technical side, 20 domains were seized and more than 1,000 servers worldwide were disrupted or taken down.
“The dismantled malware infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials,” Europol said. “Many of the victims were not aware of the infection of their systems. The main suspect behind the infostealer had access to over 100 000 crypto wallets belonging to these victims, potentially worth millions of euros.”
[ Read: Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime ]
Police identified more than 2 million compromised email addresses and 7.4 million passwords, which have been shared with the data breach notification service Have I Been Pwned to enable users to check whether they are impacted by the cybercrime operations.
According to The Shadowserver Foundation, one of the non-profits involved in Operation Endgame 3.0, Rhadamanthys has been “one of the leading infostealers”. Shadowserver has shared some data on Rhadamanthys infections around the world.
Related: Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified
Related: Counter Antivirus Service AVCheck Shut Down by Law Enforcement
Related: TrickBot and Other Malware Droppers Disrupted by Law Enforcement
