August 27, 2024 at 04:34PM The U.S. Marshals Service denies being breached by the Hunters International ransomware gang, despite being listed as a new victim on the group’s leak site. Based on the meeting notes, it appears that the U.S. Marshals Service has denied any breach of its systems by the Hunters International ransomware gang. … Read more
August 8, 2024 at 02:27AM Summary: The BlackSuit ransomware has demanded up to $500 million in ransoms, targeting critical infrastructure sectors and using various infection pathways. Threat actors are using aggressive tactics, including threatening secondary victims and analyzing stolen data. New ransomware families continue to emerge while existing groups evolve their operations. Summary of meeting … Read more
August 7, 2024 at 01:37AM Hunters International, a ransomware-as-a-service gang suspected of rebranding from the Hive crew, has been targeting network admins with malware disguised as Angry IP Scanner. The group’s use of double extortion attacks and rise to the top ten most detected ransomware mobs has positioned them as a significant threat, having been … Read more
August 5, 2024 at 05:15PM Hunters International ransomware group has launched the SharpRhino remote access trojan (RAT) to target IT professionals, using it to breach corporate networks and deploy ransomware. The malware is disseminated through typosquatting and impersonation. Notable victims include Austal USA, Hoya, Integris Health, and the Fred Hutch Cancer Center. Quorum Cyber discovered … Read more
April 11, 2024 at 02:18PM Hoya Corporation was hit with a cyberattack by the ‘Hunters International’ ransomware operation, demanding a $10 million ransom and threatening to release stolen files. The attack impacted production and order processing, with IT outages across business divisions. As of now, Hoya hasn’t provided updates on their business status, and remediation … Read more
February 20, 2024 at 09:41AM German software developer, PSI Software SE, confirmed a ransomware attack on its internal infrastructure. The company, with over 2,000 employees, specializes in software solutions for energy suppliers and operational management. Its systems were disconnected post-attack to prevent data loss. Experts from the Federal Office for Information Security are assisting in … Read more
February 11, 2024 at 11:45PM The U.S. Department of State is offering up to $10 million for info on Hive ransomware key personnel and $5 million for arrests related to Hive ransomware activities. Hive targeted 1,500+ victims in 80 countries, netting $100 million in illegal revenues. Ransomware activity rebounded in 2023, with a notable shift … Read more
December 6, 2023 at 05:10PM Austal USA, a shipbuilding contractor for the US government, reported a cyberattack by Hunters International to the FBI and NCIS. The ransomware group leaked stolen data online but the company contained the breach with no operational impact reported. No personal or classified data was compromised; investigations are ongoing. Meeting Takeaways: … Read more
December 6, 2023 at 12:22PM Austal USA, an American subsidiary of an Australian shipbuilding company, confirmed a cyberattack, presumably by Hunters International ransomware group, who leaked data online. Quick mitigation prevented operational impact. No personal or classified data was compromised. Investigations by FBI and NCIS are ongoing. The company continues to assess the incident. Meeting … Read more
November 13, 2023 at 05:05PM The Hive ransomware group, which was disrupted by the FBI earlier this year, has transferred its malware code to another group called Hunters International. Both security researchers and Bitdefender have found code similarities between the two groups, suggesting that Hive operators have handed off their operations to the new threat … Read more