Shades of Locky, MarsJoke in new Hades ransomware

News by Doug Olenick

Another new ransomware type called Hades, uncovered this week by Proofpoint, that seems to pull in features from several older malware types.

Another new ransomware type called Hades, uncovered this week by Proofpoint, that seems to pull in features from several older malware types.

Proofpoint said Hades similarity with Locky centers on how ransom note mimics those accompanying Locky attacks, while the Hades botnet and distribution technique are quite similar to CryptFile2 and MarsJoke. There are some differences. Whereas the older variants target state and local governmental agencies, Hades goes after the manufacturing and business services sectors.

So far the bad actors behind Hades have limited the number of attacks to only a few hundred messages, Proofpoint said.

Another differentiator from Locky has Hades being spread through emails using a transportation-related subject that contain URLs linked to a malicious Word document instead of using an attached doc. This methodology does mirror MarsJoke.

The cyber-criminals demand a one-bitcoin ransom to decrypt the locked files.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events