Analysis: Two World Leaks claims surfaced alongside transit information outages in Blacksburg and Los Angeles World Leaks listed Blacksburg and Los Angeles as transit information systems in both places saw disruptions. No common cause has been established

Analysis: Two World Leaks claims surfaced alongside transit information outages in Blacksburg and Los Angeles #WorldLeaks #DataExtortion #LAMetro #Virginia #BlacksburgTransit #HuntersInternational dysruptionhub.com/world-leaks-blacksburg-l...

'Hunters International' RaaS Outfit Shuts Down Its Operation  Hunters International, a ransomware-as-a-Service (RaaS) outfit, shut down operations and will provide free decryptors to victims seeking to restore their data without paying a ransom.  "After careful consideration and in light of recent developments, we have decided to close the Hunters International project. This decision was not made lightly, and we recognize the impact it has on the organizations we have interacted with," the ransomware outfit notes in a statement published on its dark web. "As a gesture of goodwill and to assist those affected by our previous activities, we are offering free decryption software to all companies that have been impacted by our ransomware. Our goal is to ensure that you can recover your encrypted data without the burden of paying ransoms.” The attackers also erased all entries from the extortion platform and stated that firms whose systems were encrypted in Hunters International ransomware assaults can access decryption tools and recovery guidance from the gang's official website.  While the ransomware group does not specify what "recent developments" it alludes to, the latest development follows a November 17 statement stating that Hunters International will soon cease operations due to growing law enforcement scrutiny and diminishing profitability.  In April, threat intelligence firm Group-IB also disclosed that Hunters International had started a new extortion-only operation dubbed "World Leaks" and was rebranding with plans to zero in on data theft and extortion-only attacks.  Group-IB stated at the time that "World Leaks operates as an extortion-only group using a custom-built exfiltration tool, in contrast to Hunters International, which combined encryption with extortion." The new tool seems to be an improved version of the Storage Software exfiltration tool that Hunters International's ransomware affiliates used.  Due to code similarities, security researchers and ransomware specialists identified Hunters International, which surfaced in late 2023, as a potential rebranding of Hive. The malware from the ransomware group supports x64, x86, and ARM architectures and targets a variety of platforms, including Windows, Linux, FreeBSD, SunOS, and ESXi (VMware servers).  Hunters International has attacked businesses of all sizes over the last two years, demanding ransoms ranging from hundreds of thousands to millions of dollars, depending on the size of the compromised organisation. The ransomware group has claimed credit for around 300 attacks worldwide, making it one of the most active ransomware campaigns in recent years.  The ransomware outfit has claimed several notable victims, including the United States Marshals Service, the Japanese optical firm Hoya, Tata Technologies, the North American car dealership AutoCanada, the United States Navy contractor Austal USA, and Integris Health, Oklahoma's largest non-profit healthcare network.

'Hunters International' RaaS Outfit Shuts Down Its Operation #ArmeniaCyberSecurity #HuntersInternational #RaaSGroup

💀HACKERS SAY “BYE FELICIA”?! Hunters International Ransomware Gang Shuts Down in Mysterious, Kinda Suspicious Exit 💻💣 wp-dd.com/hackers-say-... #HuntersInternational #Ransomware #Shutdown

Hunters International ransomware shuts down, releases free decryptors ​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data…

Hunters International Ransomware-as-a-Service (RaaS) operation has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom.

#HuntersInternational #RaaS #ransomware #malware #security #cybersecurity #hackers #hacking

Hunters International ransomware shuts down, releases free decryptors ​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data ...

Hunters International - eine der aktivsten #Ransomware-as-a-Service Gruppen geht offline und kommt scheinbar als #WorldLeaks zurück.

#HuntersInternational kündigt erneut den Rückzug auf der Leak-Website im Darknet an und stellt angeblich auch den Opfern einen kostenlosen #Decryptor zur Verfügung.

🚨 BREAKING: Ransomware group Hunters International announces shutdown, offering free decryption tools to all victims.
Claiming it as a "gesture of goodwill," they’re providing recovery support via their website.
#ThreatIntel #Ransomware #CyberSecurity #HuntersInternational

Hunters International Ransomware Gang Rebrands as World Leaks Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

#HuntersInternational ransomware gang shuts down, but not retiring. They’re rebranding as #WorldLeaks to focus on data theft and extortion, dropping encryption. Free decryption keys offered to past victims.

Read: hackread.com/hunters-inte...

#CyberSecurity #CyberCrime #Ransomware

Rete di frodi finanziarie smantellata in Spagna con danni oltre 10 milioni di euro; IdeaLab colpita da ransomware, dati di dipendenti e collaboratori pubblicati sul dark web.

#callcenter #huntersinternational #idealab #Ransomware #spagna #worldleaks
www.matricedigitale.it/2025/07/04/r...

Hunters International ransomware shuts down, releases free decryptors ​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data ...

#HuntersInternational #ransomware shuts down, releases free #decryptors #WorldLeaks www.bleepingcomputer.com/news/securit...

Hunters International chiude le attività ransomware, offre decryptor e si trasforma nel gruppo estorsivo World Leaks.

#estorsione #hive #huntersinternational #Ransomware #worldleaks
www.matricedigitale.it/2025/07/03/h...

‼️Idealab 🇺🇸 is issuing data breach notifications to 2,790 people following a #cyberattack in October 2024.

#Ransomware gang #HuntersInternational claimed the attack on the technology company after allegedly stealing 262.8 GB of data.

bit.ly/4bsqDGS

‼️Bradford Health Services 🇺🇸 is issuing #databreach letters following a #cyberattack in Dec '23. Medical info, SSNs, passport numbers & more affected.

#Ransomware gang #HuntersInternational claimed the attack on the healthcare company. 770 GB stolen.

bit.ly/4bsqDGS

‼️ UPDATE: 2,273 people are now confirmed to have had their data breached in the March 2024 #ransomware attack on the City of St. Cloud 🇺🇸

#HuntersInternational claimed the attack on the government entity after allegedly stealing 1.4 TB of data.

bit.ly/3xCHO9n

🚨 Corantioquia 🇨🇴 has been added to the data leak site of #ransomware gang #HuntersInternational.

The Colombian government agency was hit by a #cyberattack on April 21, 2025. 70% of systems were restored on May 5.

This is the 67th attack on a government agency this year so far.

bit.ly/3T0yGne

Original post on blog.bushidotoken.net

Ransomware Tool Matrix Project Updates: May 2025 Introduction This blog is a summary and analysis...

blog.bushidotoken.net/2025/05/ransomware-tool-...

#BianLian #BlackSuit #Cybercrime #HuntersInternational #lockbit #Medusa #PLAY #Qilin #RansomEXX #RansomHub […]

Original post on blog.bushidotoken.net

Ransomware Tool Matrix Project Updates: May 2025 Introduction This blog is a summary and analysis...

blog.bushidotoken.net/2025/05/ransomware-tool-...

#BianLian #BlackSuit #Cybercrime #HuntersInternational #lockbit #Medusa #PLAY #Qilin #RansomEXX #RansomHub […]

🚨 Forum Communications Company 🇺🇸 has just been added to the data leak site of #ransomware gang #HuntersInternational.

In March, the North Dakota media and technology company notified 28,830 people of a #databreach following a #cyberattack in Jan '25.

bit.ly/4bsqDGS

Cybercrime Group Changes Plans: Drops Ransomware, Focuses on Data Theft   A cybercriminal group known for ransomware attacks has decided to stop using those methods and instead focus only on stealing information and demanding money in return. The group, called Hunters International, has rebranded and is now running a new operation. This group had earlier announced in November 2024 that it would stop its activities. They claimed it was because of low profits and growing attention from police and other authorities. But cybersecurity experts discovered that the group didn’t actually stop – they just changed their approach. Now, under a new name, World Leaks, the group has returned. Instead of locking people’s files and asking for payment to unlock them, they now secretly steal private data from computers and threaten to release it online unless they’re paid. According to cybersecurity researchers at Group-IB, the people working with this group are being given a special tool. This software helps them quickly and quietly copy important files from an organization’s systems. It’s believed to be a newer version of a tool they’ve used in the past. In their earlier version, Hunters International combined two actions: they locked systems (ransomware) and demanded money, and also stole data. But now, they are only stealing data and skipping the system lockout part, which brings less risk and may be harder for authorities to detect. Hunters International first appeared in late 2023 and was suspected to be connected to an older cyber gang called Hive. Their malware could attack many types of computer systems, including those used by businesses, governments, and servers for virtual machines. Since then, the group has been behind over 280 attacks on organizations across the globe. They’ve gone after major companies, government bodies, hospitals, and even defense-related firms. In one serious case, they threatened to release personal health records of over 800,000 patients if they weren’t paid. The group has been targeting companies of all sizes. Experts have seen ransom demands vary, sometimes reaching millions, depending on how large or important the organization is. Experts say that this shift shows how cybercriminals are always changing tactics to stay ahead. With ransomware becoming riskier and less profitable, many groups may now turn to stealing data as their main method. To stay safe, organizations should improve their security systems, watch for unusual access, and take steps to protect sensitive data before it’s too late.

Cybercrime Group Changes Plans: Drops Ransomware, Focuses on Data Theft #DataTheft #HuntersInternational #malware

🚨 Groupe Delcourt 🇫🇷 has been added to the data leak site of #ransomware gang #HuntersInternational. 3.7 TB of data allegedly stolen.

The French publishing house has confirmed a #cyberattack on its systems. Investigations are ongoing.

bit.ly/3T0yGne

🚨Hofmann Fördertechnik GmbH 🇩🇪 has been added to the data leak site of #ransomware gang #HuntersInternational. 1.7 TB of data allegedly stolen.

The German forklift truck dealer confirmed its systems were hit by a #cyberattack on March 30/31, 2025.

bit.ly/3T0yGne