Elysium
Elysium is malware that tracked sources consistently describe as a botnet: variously as a relatively unknown proxy bot, and as botnet infrastructure or an ecosystem used in international cybercrime. Reporting states that Elysium linked victim machines into controlled networks that could support distributed attacks, anonymity services, and scalable malware deployment. It is repeatedly named alongside the Rhadamanthys infostealer and the VenomRAT remote access trojan as part of the same criminal infrastructure targeted by the Europol-led Operation Endgame in November 2025. Authorities from multiple countries disrupted or took down Elysium between 10 and 13 November 2025; across all targeted malware families the action seized or disabled more than 1,000 servers and seized 20 domains. Europol is cited as stating that the targeted families, Elysium included, had infected hundreds of thousands of computers worldwide, enabled credential theft, remote access, and the resale of stolen data, and played a key role in international cybercrime. One source also describes Elysium as the enabler of Rhadamanthys and VenomRAT, while another characterizes it as a botnet variant of the Ghost ransomware family active since 2021; the available reporting does not reconcile these two characterizations, so the Ghost attribution should be treated as a single-source claim. No high-confidence indicators of compromise specific to Elysium are available in the tracked sources.
Techniques & procedures
1 distinct technique documented for this family, organized by ATT&CK tactic.
Recent activity
26 sources tracked across advisories, community write-ups, and news.
A botnet whose core infrastructure was terminated in a prior Operation Endgame action.
Named botnet malware operation targeted by Operation Endgame.
A botnet described as a large cybercrime enabler targeted during Operation Endgame.
Botnet disrupted as part of Operation Endgame.