Ransomware

Hunters International

First seen: 2023 • Status: active

Currently Active Threat

Hunters International took over from the Hive gang after police shut them down, focusing on stealing data more than encrypting files.

Overview

Hunters International emerged after FBI disrupted Hive ransomware, using Hive source code. They focus on data theft with encryption as secondary leverage.

Also Known As

Hunters, Hive successor

How It Spreads

  • Initial access brokers
  • Phishing
  • Vulnerability exploitation

What It Does

  • Data theft focus
  • Selective encryption
  • Double extortion
  • Credential harvesting

Is your business exposed?

Target Platforms

Windows, Linux

Detection Tips

  • Monitor for Hive-like indicators
  • Check for large data exfiltration
  • Analyze hunting patterns
  • Review IAB marketplace activity

MITRE ATT&CK Techniques

T1486, T1005, T1041, T1003, T1566

If You're Infected

  1. 1.

    Isolate affected systems

  2. 2.

    Assess data theft scope immediately

  3. 3.

    Block exfiltration channels

  4. 4.

    Prepare data breach notifications

Related Malware

Hive, Blackcat, Lockbit3

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices