ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "The ransomware clones of HellCat & Morpheus."
Episode Synopsis
Jim Walter, Senior Threat Researcher on SentinelLabs research team, to discuss their work on "HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code." Over the past six months, new ransomware groups like FunkSec, Nitrogen, and Termite have emerged, while established threats such as Cl0p and LockBit 4.0 have resurfaced. Two prominent Ransomware-as-a-Service (RaaS) operations, HellCat and Morpheus, have gained traction, with research indicating that affiliates of both are using nearly identical ransomware payloads.
Despite similarities in their encryption techniques and ransom notes, there is no conclusive evidence linking HellCat and Morpheus to the Underground Team, though shared tools or affiliates may be involved.
The research can be found here:
HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code
Learn more about your ad choices. Visit megaphone.fm/adchoices
Despite similarities in their encryption techniques and ransom notes, there is no conclusive evidence linking HellCat and Morpheus to the Underground Team, though shared tools or affiliates may be involved.
The research can be found here:
HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast Research Saturday
Don’t trust that app!
03/01/2026
Excel-lerating cyberattacks.
27/12/2025
The lies that let AI run amok.
20/12/2025
Root access to the great firewall.
13/12/2025
When macOS gets frostbite.
06/12/2025
A new stealer hiding behind AI hype.
29/11/2025
Two RMMs walk into a phish…
22/11/2025
When clicks turn criminal.
15/11/2025
A fine pearl gone rusty.
08/11/2025
Attack of the automated ops.
01/11/2025
In God we trust