← All Threat Actors
Threat Actor Profile

STARDUST CHOLLIMA

Sapphire Sleet
▲ High Threat
Open-source reporting has claimed that the Hermes ransomware was developed by the North Korean group STARDUST CHOLLIMA (activities of which have been public reported as part of the “Lazarus Group”), because Hermes was executed on a host during the SWIFT compromise of FEIB in October 2017.
Origin

External Resources

CISA Advisories ↗

Related Intelligence


LINK COPIED TO CLIPBOARD