SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims


Two sophisticated malware campaigns, SteelFox and Rhadamanthys, are actively targeting global victims with advanced phishing tactics and exploitation techniques. The Rhadamanthys stealer malware, deployed via phishing emails disguised as copyright violation notices, uses AI-powered optical character recognition (OCR) and delivers a payload through a complex chain involving DLL side-loading. The campaign, dubbed CopyRh(ight)adamantys, has targeted media, tech, and entertainment sectors worldwide. Meanwhile, SteelFox malware, propagated through fake software downloads, exploits Windows driver vulnerabilities (CVE-2020-14979, CVE-2021-41285) to gain system privileges, deploys a cryptocurrency miner, and steals sensitive data, including credit card information. Both campaigns reflect increasingly sophisticated, financially motivated cybercrime operations leveraging advanced techniques and global targeting.
