The infamous Hunters International announced an impressive ransomware operation that managed to breach 6 high-profile victims. These include US-based NanoLumens and Integrated Control, and even Toyota Brazil.
Hunters International is a well-known ransomware organization with an infamous reputation and quite a notable success rate. The gang often hits several targets during its operations, but never this many.
It also rarely targets as many high-value entities in one go. This highlights not only Hunters International’s fearless attitude and technical prowess but also its ability to evolve and improve, which couldn’t be any more concerning.
But who is Hunters International? While there is no clear answer to this question, there are some theories floating around. The most widely circulated one is that Hunters International is the successor of Hive. Maybe even more than that.
According to the latest research, it appears that the organization has a 60% overlap between its code and tactics and those of the defunct Hive. Not only that, but the hackers themselves sort of admitted to it.
They didn’t plainly confirm the rumor but rather did a twist on it. They claimed that they indeed took over a lot of Hive’s assets after the latter was dismantled. But they also stated that the assets were technically buggy and unusable.
The best way to deal with not only Hunters International but any other ransomware actor consists of two approaches:
If you believe you’re a potential ransomware target, you need to learn how to prevent these types of breaches. This includes collaborating with actual cybersecurity experts to boost your defenses and educating employees on how to recognize and avoid traps.
However, this set of measures isn’t necessarily guaranteed to make you impenetrable. At this point, the second approach should be your go-to strategy. All cybersecurity professionals advise against negotiating with hackers.
The same goes for paying the ransom or accepting any type of compromise. There are 2 reasons for that. The first is that paying the ransom doesn’t guarantee that the hackers will keep their word to delete the data. In most cases, they don’t.
The second is that agreeing to any type of compromise marks you as a vulnerable target, which means that the gang will target you again soon. Other gangs and their affiliates will target you as well, once the word spreads.
The best course of action is to ignore all calls to negotiations. If everybody did that, there would be no ransomware operations.