SYMBOLCOMMON_NAMEaka. SYNONYMS

STARDUST CHOLLIMA  (Back to overview)


Open-source reporting has claimed that the Hermes ransomware was developed by the North Korean group STARDUST CHOLLIMA (activities of which have been public reported as part of the “Lazarus Group”), because Hermes was executed on a host during the SWIFT compromise of FEIB in October 2017.


Associated Families

There are currently no families associated with this actor.


References
2019-01-10CrowdStrikeAlexander Hanel
Big Game Hunting with Ryuk: Another Lucrative Targeted Ransomware
Ryuk GRIM SPIDER MUMMY SPIDER STARDUST CHOLLIMA WIZARD SPIDER

Credits: MISP Project