Hunters International emerged recently as a ransomware-as-a-service (RaaS) operation and is believed to be a rebrand of the Hive ransomware gang, a theory based on overlaps in the malware code.
The group denied the allegations, though, saying that they are a new operation that purchased the encryptor source code from the defunct Hive. According to the threat actor, encryption is not the end goal of their attacks, as their focus is on stealing data and using it as leverage to extort victims into paying a ransom.
At the moment, the gang's data leak site lists well over a dozen victims in different sectors and from various regions of the world.
Incidents Associated with this Threat
- December 2, 2023: US DoD Contracted Shipbuilding Company Austal USA Confirms Ransomware Attack
- November 10, 2023: Bartec Top Holding Announces Data Breach