Ethical Hacking News
Rhadamanthys Malware Administrator's Reign Ends as Operation Endgame Seizes Servers and Reveals Scope of Global Infostealing Operation
In a significant blow to cybercrime operators, Europol and Eurojust have announced the completion of Operation Endgame, a coordinated effort to dismantle the Rhadamanthys infostealer operation. Over 1,025 servers tied to the malware were seized, revealing more than 525,000 infections between March and November 2025 across 226 countries. The operation highlights the importance of international cooperation in combating cybercrime.
Europol and Eurojust completed Operation Endgame, dismantling the Rhadamanthys infostealer operation.
The operation resulted in the seizure of over 1,025 servers tied to the malware, implicated in hundreds of thousands of infected computers worldwide.
Rhadamanthys was a sophisticated piece of malware designed to steal sensitive information from compromised systems.
Over 525,000 infections and 86 million individual records were collected by the operation across 226 countries.
The main suspect had access to over 100,000 crypto wallets worth millions of euros.
The takedown also involved the seizure of infrastructure related to other malware operations.
International cooperation was key to the success of Operation Endgame in combating cybercrime.
In a significant blow to cybercrime operators, Europol and Eurojust have announced the completion of Operation Endgame, a coordinated effort to dismantle the Rhadamanthys infostealer operation. This complex takedown involved the seizure of over 1,025 servers tied to the malware, which has been implicated in hundreds of thousands of infected computers worldwide. The operation, which began on November 10-13, was part of a long-running initiative aimed at combating cybercrime and protecting the personal data of individuals.
According to reports, the Rhadamanthys infostealer was a sophisticated piece of malware designed to steal sensitive information from compromised systems. Its administrator promised customers that they would receive only less lucrative data than the most valuable secrets and cryptocurrency keys, which were allegedly being kept by the operator for personal gain. This tactic was intended to undermine trust within criminal organizations, but ultimately proved ineffective in protecting the administrator's own interests.
As part of Operation Endgame, officials accessed a Rhadamanthys database, revealing more than 525,000 infections between March and November 2025 across 226 countries. The data also showed that over 86 million individual records had been collected by the operation, providing valuable insights into the scope and impact of the infostealing operation.
The main suspect behind the infostealer had access to over 100,000 crypto wallets belonging to these victims, potentially worth millions of euros.
The takedown also involved the seizure of infrastructure related to other malware operations, including Elysium and VenomRAT. The administrator of Rhadamanthys was reportedly told by customers to down tools "for safety reasons" on November 11, hours before the operation's onion site went dark.
While the administrator and some customers remain at large, the takedown is seen as a significant victory for law enforcement agencies working together to combat cybercrime. The Shadowserver Foundation, which assisted in the enforcement action, stated that the operation had provided valuable intelligence, including access to a Rhadamanthys database revealing more than 525,000 infections between March and November 2025 across 226 countries.
The scope of Operation Endgame highlights the importance of international cooperation in combating cybercrime. The operation involved coordinated efforts from law enforcement agencies in multiple countries, demonstrating that together, it is possible to make significant progress against sophisticated cyber threats.
In a statement, Europol praised the collaboration between law enforcement agencies and thanked them for their hard work on this case. The agency stated that Operation Endgame was an example of how international cooperation can be effective in combating cybercrime.
The Rhadamanthys infostealer is just one example of the many sophisticated malware operations that have been targeted by law enforcement agencies in recent years. These operations often involve complex networks and sophisticated tactics, making them challenging to disrupt.
However, with continued efforts from law enforcement agencies, it is possible to make progress against these threats. Operation Endgame serves as a reminder of the importance of international cooperation and collaboration in combating cybercrime.
The seizure of servers and infrastructure related to Rhadamanthys and other malware operations is a significant blow to cybercrime operators. The operation highlights the ability of law enforcement agencies to work together across borders to combat sophisticated cyber threats.
In conclusion, Operation Endgame marks an important victory for law enforcement agencies working together to combat cybercrime. The takedown of the Rhadamanthys infostealer operation serves as a reminder of the importance of international cooperation and collaboration in combating these threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Rhadamanthys-Malware-Administrators-Reign-Ends-as-Operation-Endgame-Seizes-Servers-and-Reveals-Scope-of-Global-Infostealing-Operation-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/11/13/rhadamanthys_takedown/
Published: Thu Nov 13 06:26:24 2025 by llama3.2 3B Q4_K_M