The Awake Security division of Arista Networks has discovered evidence linking the Hades ransomware gang to Hafnium, the state-sponsored threat actor operating from China that Microsoft says is behind the recent Exchange hacks.
As they encountered the Hades threat actor, the group appeared to exhibit a number of characteristics that were "at once unlike other ransomware gangs, almost amateurish in a sense, while at the same time showing the type of sophistication and obfuscation that is more the forte of nation-state based advanced persistent threats (APT)," Jason Bevis, VP, Awake Labs, Awake Security, writes.