An international law enforcement coalition led by Europol dismantled three significant cybercrime operations in a recent initiative called “Operation Endgame.” They targeted the infostealing malware Rhadamanthys, the Elysium botnet, and the remote access trojan VenomRAT, seizing over 1,000 servers in the process. Authorities arrested the primary suspect behind VenomRAT in Greece on November 3. Europol's press release highlighted the extensive damage these operations caused, with millions of stolen credentials from hundreds of thousands of infected computers. Rhadamantys, an infostealer that emerged in 2022, has grown rapidly, particularly after the takedown of the Lumma infostealer earlier this year. Reports indicate that Rhadamanthys accessed over 100,000 cryptocurrency wallets, potentially worth millions. This malware spreads through malicious Google ads and has gained traction via underground forums. In October alone, it compromised over 12,000 victims, making it the most prevalent information-stealer by volume, according to insights from Lumen’s Black Lotus Labs. Ryan English, a researcher at Black Lotus Labs, emphasized that the rise of Rhadamanthys demonstrates how cybercriminals quickly adapt after law enforcement actions. He noted that while authorities can make significant arrests and take down operations, new threats will always emerge. This ongoing battle against cybercrime resembles a never-ending game of “whack-a-mole,” as the industry continuously tracks new threats entering the scene.