Open-source reporting has claimed that the Hermes ransomware was developed by the North Korean group STARDUST CHOLLIMA (activities of which have been public reported as part of the “Lazarus Group”), because Hermes was executed on a host during the SWIFT compromise of FEIB in October 2017.
There are currently no families associated with this actor.
|2019-01-10 ⋅ CrowdStrike ⋅ |
Big Game Hunting with Ryuk: Another Lucrative Targeted Ransomware
Ryuk GRIM SPIDER MUMMY SPIDER STARDUST CHOLLIMA WIZARD SPIDER