Security News > 2021 > March > 'Hades' Ransomware Hits Big Firms, but Operators Slow to Respond to Victims
Researchers from CrowdStrike, Accenture, and Awake Security have dissected some of the attacks involving the Hades ransomware and published information on both the malware itself and the tactics, techniques and procedures employed by its operators.
The Hades ransomware operators targeted a few industries only, including transportation and logistics, consumer products, and manufacturing and distribution - a logistics provider and organizations in the automotive supply chain and manufacturing of insulation products are known victims.
In the ransom note dropped onto the compromised machines, each victim is directed to a unique Tor website - six such sites were identified to date, suggesting that Hades has made at least six victims.
The ransomware operators demand payments in the range of $5 to $10 million from their victims.
Interestingly enough, despite a relatively low number of victims and the large payment demands, the adversaries appear slow to respond to requests for ransom payment instructions.
In addition to encrypting files on the victim's machines, the Hades ransomware operators also exfiltrate data deemed to be of interest, and extort the victim into paying the ransom by threatening to make the stolen data public.