Summary: The ransomware group Hunters International, recently emerging from the notorious Hive gang, has shifted its tactics from double-extortion ransomware attacks to purely extortion through data exfiltration. Researchers suggest this change is influenced by global law enforcement actions against cybercrime and a decline in ransom payments. The group has rebranded itself as “World Leaks,” focusing on automating data theft processes without encryption.
Affected: Hunters International, World Leaks, numerous enterprises including Tata Technologies and Industrial and Commercial Bank of China
Keypoints :
- Hunters International has reportedly moved away from data encryption to exclusively focus on data exfiltration.
- The group is shifting to a new operation called “World Leaks” as a response to law enforcement’s crackdown on ransomware activities.
- Ransomware incidents have surged, but the total amount paid in ransoms has declined significantly.
- The group employs tools for automated data exfiltration and targets key company executives to enhance their extortion tactics.
Source: https://securityboulevard.com/2025/04/hunters-international-dumps-ransomware-goes-full-on-extortion/