Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
An international coalition of law enforcement agencies, coordinated by Europol, has targeted and brought down three cybercrime operations in its latest round of what authorities call “Operation Endgame.”
In a press releaseEuropol said the police operation was targeted Malware to steal information Rhadamanthys, the Elysium botnet, and the VenomRAT remote access Trojan. Authorities say the three “played a major role in international cybercrime.” Police confiscated more than 1,000 servers as part of the operation.
Europol said police arrested the unnamed “main suspect” behind VenomRAT in Greece on November 3.
“The dismantled malware infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials,” the press release said. “Many victims were not aware their systems were infected.”
According to Europol, the main suspect behind Rhadamantys had access to more than 100,000 cryptocurrency wallets, “potentially worth millions of euros.”
As an information theft tool, Rhadamantys is designed to steal various types of information from infected devices, including passwords and cryptocurrency wallet keys. Rhadamantys’ popularity soared in October after the authorities He took down the famous information theft Lumma earlier in the year, showing that after takedowns, criminals adapt using different hacking tools that may be less popular at the time.
When Rhadamantys launched in 2022, it initially relied on spreading through malicious Google ads, and later grew thanks to word of mouth on underground forums, according to Lumen’s Black Lotus Labs, one of the cybersecurity industry partners in Operation Endgame.
TechCrunch event
San Francisco
|
October 13-15, 2026
Company he wrote in a blog post Rhadamantys saw a “significant spike” and “continuous rise in the number of victims” after Lumma was removed, making it “the largest information theft malware by volume.” In October, the hacker compromised more than 12,000 victims, according to the company.
Ryan English, a researcher at Black Lotus Labs, told TechCrunch that Rhadamantys “emerged as the next information heist” after Lumma fell.
“We know others will take their place, so we continue to track to see who comes out of this,” English said, adding that law enforcement and the broader industry “can only do so much at any given time.”
“So, in a very real sense, it’s a batting game forever,” English said.