Summary: Hunters International, a ransomware group reportedly linked to Hive, is transitioning from ransomware attacks to exfiltration-only techniques. This shift includes targeting organization executives directly to negotiate ransoms without alerting a wider audience. The group has experienced significant activity across various sectors, and their methods are evolving to become more automated and stealthy.
Affected: Tata Technologies and other organizations worldwide
Keypoints :
- Hunters International has been active since late 2023, previously adopting strategies from the disrupted Hive group.
- Approximately 300 organizations have been listed as victims, predominantly in North America, Europe, and Asia, with various sectors targeted.
- The group plans to transition from file-encrypting ransomware to automated exfiltration-only attacks, minimizing risk and maximizing profits.
Source: https://www.securityweek.com/hunters-international-ransomware-gang-rebranding-shifting-focus/