An analysis published on Friday reveals that at least three major companies have been recent victims of the Hades ransomware. The analysis was published by Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams. Accenture claims that the threat actors are targeting organisations that generate at least $1 billion in annual revenue. Reportedly Forward Air was one of the victims.
The attackers have been taking a hands-on approach, using a mix of custom tools and fileless approaches. The Hades strain appears to infiltrate systems through internet-facing systems, Remote Desktop Protocol (RDP), or Virtual Private Network (VPN) setups, and uses legitimate credentials.