Overview
- Coordinated from Europol’s Hague command post between November 10 and 14, authorities disrupted or seized 1,025 servers, took 20 domains, and searched 11 locations in Germany, Greece and the Netherlands.
- Police arrested a key suspect tied to VenomRAT in Greece on November 3, with broader investigations and follow‑up actions ongoing.
- Europol reports hundreds of thousands of infected computers and several million stolen credentials, and says the Rhadamanthys operator had access to over 100,000 cryptocurrency wallets.
- Shadowserver says a Rhadamanthys database showed more than 525,000 infections and 86 million records, while Have I Been Pwned received 2 million email addresses and 7.4 million passwords for alerts.
- Potential victims are urged to check exposure and remediate via politie.nl/checkyourhack and haveibeenpwned.com.