Hunters International

Threat Actor

Hunters International emerged recently as a ransomware-as-a-service (RaaS) operation and is believed to be a rebrand of the Hive ransomware gang, a theory based on overlaps in the malware code.

The group denied the allegations, though, saying that they are a new operation that purchased the encryptor source code from the defunct Hive. According to the threat actor, encryption is not the end goal of their attacks, as their focus is on stealing data and using it as leverage to extort victims into paying a ransom.

At the moment, the gang's data leak site lists well over a dozen victims in different sectors and from various regions of the world.

Malware Used by this Threat Actor

No malware identified for this threat actor.