CyberSecurityBoard
Sponsor Register Login

Hunters International shifts from ransomware to pure data extortion

Notable victims claimed by Hunters International include Tata Technologies, North American automobile dealership AutoCanada, U.S. Marshals Service, Japanese optics giant Hoya, U.S. Navy contractor Austal USA, and Oklahoma's largest not-for-profit health network, ​​​​Integris Health. The new tool seems to be an upgraded variant of the Storage Software exfiltration tool that Hunters International's ransomware affiliates also use. The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks. Hunters International also breached the Fred Hutch Cancer Center in December, threatening to leak the stolen data of over 800,000 cancer patients if they weren't paid. ​Hunters International surfaced in late 2023 and was flagged as a possible rebrand of Hive because of code similarities. Since then, Hunters International has launched a new extortion-only operation known as "World Leaks" on January 1, 2025.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 03 Apr 2025 21:10:29 +0000


Cyber News related to Hunters International shifts from ransomware to pure data extortion

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
1 month ago Cybersecuritynews.com
New Hunters International ransomware possible rebrand of Hive - A new ransomware-as-a-service brand named Hunters International has emerged using code used by the Hive ransomware operation, leading to the valid assumption that the old gang has resumed activity under a different flag. This theory is supported by ...
1 year ago Bleepingcomputer.com Hunters
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
6 months ago Aws.amazon.com
Hunters International shifts from ransomware to pure data extortion - Notable victims claimed by Hunters International include Tata Technologies, North American automobile dealership AutoCanada, U.S. Marshals Service, Japanese optics giant Hoya, U.S. Navy contractor Austal USA, and Oklahoma's largest not-for-profit ...
18 hours ago Bleepingcomputer.com Hunters
Optics giant Hoya hit with $10 million ransomware demand - A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack. Hoya is a Japanese company ...
11 months ago Bleepingcomputer.com Hunters
Researchers Claim Design Flaw in Google Workspace Puts Organizations at Risk - Google is disputing a security vendor's report this week about an apparent design weakness in Google Workspace that puts users at risk of data theft and other potential security issues. According to Hunters Security, a flaw in Google Workspace's ...
1 year ago Darkreading.com Hunters
Ransomware gang behind threats to Fred Hutch cancer patients - The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center that resulted in patients receiving personalized extortion threats. Fred Hutch is a Seattle-based cancer research and patient care and ...
1 year ago Bleepingcomputer.com Hunters
Pathfinder AI - Hunters Announces New AI Capabilities with for Smarter SOC Automation - “Hunters has already made a significant impact on our security operations by reducing manual investigations, streamlining data ingestion, and improving threat visibility. Unlike static rule-based automation, Agentic AI dynamically adapts, ...
4 weeks ago Cybersecuritynews.com Hunters
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Hunters International ransomware claims attack on Tata Technologies - The Hunters International ransomware gang has claimed responsibility for a January cyberattack attack on Tata Technologies, stating they stole 1.4TB of data from the company. With no further updates have been shared by the company for over a month, ...
1 month ago Bleepingcomputer.com Hunters
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
Top 10 Notorious Ransomware Gangs of 2023 - By employing a multitude of advanced techniques like double extortion along with other illicit tactics, ransomware groups are continually evolving at a rapid pace. Here below, we have mentioned all the types of ransomware used by the threat actors ...
1 year ago Cybersecuritynews.com LockBit BianLian Everest Ragnar Locker Black Basta
Threat actors target Austal USA in ransomware attack, US Navy data at risk - The US subsidiary of Australian shipbuilding company Austal has been hit by a ransomware attack, raising concerns that US Navy information has been compromised. As seen by Cyber Daily through FalconFeeds, the attack on Austal USA was conducted by the ...
1 year ago Cyberdaily.au Hunters
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Hunters International Overlaps Hive Ransomware Attacking Windows, Linux, and ESXi Systems - A sophisticated ransomware operation known as Hunters International emerged in October 2023, with strong evidence suggesting connections to the formerly dismantled Hive ransomware group. Security researchers quickly identified similarities between ...
1 day ago Cybersecuritynews.com Hunters LockBit
Tata Technologies' data leaked by ransomware gang | TechCrunch - A ransomware group called Hunters International has published some of the data it claims to have stolen from Tata Technologies, just over a month after the Indian company confirmed a ransomware attack that resulted in the suspension of some services. ...
3 weeks ago Techcrunch.com Hunters
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware - The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader ...
1 year ago Techrepublic.com LockBit
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com Qilin Cactus Black Basta
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com LockBit Snatch
Navy contractor Austal USA confirms cyberattack after data leak - Austal USA, a shipbuilding company and a contractor for the U.S. Department of Defense and the Department of Homeland Security confirmed that it suffered a cyberattack and is currently investigating the impact of the incident. The company is based in ...
1 year ago Bleepingcomputer.com Hunters
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
1 year ago Bleepingcomputer.com Medusa Cuba STORMOUS
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
1 year ago Bleepingcomputer.com
French police arrests Russian suspect linked to Hive ransomware - French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. The suspect was apprehended after the French Anti-Cybercrime Office linked him to digital wallets ...
1 year ago Bleepingcomputer.com Hunters

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)