HellCat, Morpheus RaaS operations leverage similar payloads

Aside from leveraging Windows Cryptographic Application Programming Interface for encrypting data aside from critical system files, both HellCat and Morpheus had ransom notes ordering victims to access their respective .onion portals using the provided credentials, according to a SentinelOne analysis.

Go to Source