Rhadamanthys and the Limits of Private Sector Operations

This case study details how researchers exploited an authentication weakness in Rhadamanthys infostealer control panels (Nov 2022–Jan 2023) to collect over 70,000 stolen-credential logs from about 303 servers and used that visibility window to notify victims and reduce harm; it emphasizes the operational constraints on private-sector actors, the fragility of visibility, and the need for coordinated public–private response to achieve lasting disruption.