The GodDamn ransomware, a rebrand of the Beast and Monster strains, has emerged using a sophisticated defense evasion technique to neutralize endpoint protection. The threat group, known as Hyadina, gains initial access through remote desktop tools like AnyDesk and deploys a credential-harvesting toolkit based on NirSoft utilities. This toolkit targets a wide range of sensitive data, including browser history, Windows Credential Manager entries, Wi-Fi profiles, and live network traffic.
Source