Find notable cyber news and cases, enriched with sources, timelines, and signals.

Operation Endgame takedown of Rhadamanthys, Venom RAT, and Elysium

Law Enforcement
First reported
Last updated
Happening score
H score 46
1 unique sources, 1 articles

Summary

Hide ▲

Authorities arrested the main Venom RAT suspect in Greece and disrupted Rhadamanthys Stealer, Venom RAT, and the Elysium botnet during Operation Endgame. The coordinated enforcement phase ran from November 10 to 13, 2025 and targeted criminal infrastructure used to support ransomware enablers worldwide. Officials said the operation took down more than 1,025 servers and seized 20 domains. The dismantled infrastructure contained hundreds of thousands of infected computers and several million stolen credentials.

Related Happenings

StealC and Amadey infostealer infrastructure disruption

Malware Activity
H score69 First: 24.06.2026 18:25 Last: 24.06.2026 18:25 Sources 1

About this happening: **StealC** and **Amadey** malware infrastructure was disrupted in **Operation Endgame**, cutting off the command-and-control services used to manage infected systems. Europol said...

Operation Endgame takedown of Amadey and StealC infrastructure

Law Enforcement
H score66 First: 24.06.2026 18:02 Last: 24.06.2026 18:02 Sources 1

About this happening: An **international law-enforcement takedown** under **Operation Endgame** disrupted shared infrastructure used by **Amadey** and **StealC**, with **Microsoft**, **Europol**, and i...

Operation Endgame international cybercrime disruption initiative

Public Sector Action
H score57 First: 19.06.2026 18:07 Last: 19.06.2026 18:07 Sources 1

About this happening: **Operation Endgame** is an **ongoing international law enforcement initiative** that now includes the takedown of **SocGholish** infrastructure, expanding disruption of botnets a...

Operation Endgame takedown of SocGholish and Evil Corp infrastructure

Law Enforcement
H score58 First: 18.06.2026 16:25 Last: 18.06.2026 16:25 Sources 1

About this happening: **International law enforcement** disrupted **SocGholish/FakeUpdates** infrastructure in **Operation Endgame** on **June 18**, cleaning **14,971 compromised WordPress websites** a...

Europol-led AudiA6 crypto-laundering takedown

Law Enforcement
H score29 First: 11.06.2026 18:55 Last: 11.06.2026 18:55 Sources 1

About this happening: **Law enforcement** dismantled **AudiA6**, a **cryptocurrency laundering service** used by **ransomware gangs** and other cybercriminal networks, in a **June 10, 2026** multinatio...

Timeline

  1. 13.11.2025 13:16 2 articles · 7mo ago

    Operation Endgame disruption and impact reported

    Campaign Scope Update

    Europol and Eurojust said Operation Endgame disrupted Rhadamanthys Stealer, Venom RAT, and the Elysium botnet during the November 10-13, 2025 enforcement window, taking down more than 1,025 servers and seizing 20 domains. Europol said the dismantled infrastructure covered hundreds of thousands of infected computers and several million stolen credentials, and that the main suspect behind the infostealer had access to 100,000 cryptocurrency wallets; Check Point also reported that the latest Rhadamanthys version added device and web browser fingerprint collection plus mechanisms to fly under the radar.

    Show sources