Hunters International Ransomware Gang Targets US Company
The infamous hacker gang announced another US-based victim today. The target is Mid-South Health Systems, a company with close to $30 million in revenue and 500 employees. The hackers posted the news about the operation on their website.
- There is no additional data about the attack other than the standard summary of the target company
- Hunters International ranks as a world-renowned ransomware actor with versatile tactics, scary-effective MOs
- According to the original post, the hackers got in possession of 3 packs of data, but they didn’t disclose what they contained or how large they are
- Mid-South Health Systems didn’t comment on the attack
It’s also unclear whether the victim has decided to negotiate with the hackers, but that’s rarely the case. Most mid and high-end institutions refuse to negotiate with the ransomware operators. Especially if they can resume their operation soon.
This is exactly what cybersecurity professionals advise anyway. If you’ve decided to negotiate or, worse, pay the ransom, you’re already in a losing scenario. That’s because you can’t know for sure that the hackers will keep their word and delete the stolen data.
More importantly, paying the ransom marks you as a vulnerable target, willing to negotiate. Which means that the hackers will most likely target you again in the future. If not them, then others.
When it comes to Hunters International, the hackers do keep their word when it comes to providing the decryption key. However, we have no data regarding their willingness to delete the stolen information. And there’s no reason to believe that they do.
And giving them the benefit of the doubt will only get you in trouble. After all, they are a cybercriminal entity with the sole purpose of extorting you for money. Integrity and honesty aren’t necessarily codes of honor among groups like these.
What Do We Know About Hunters International?
If you’re not a total stranger in the ransomware news department, you’ve most likely heard about Hunters International before. And, if you have, you know the rumors circulating about their connections with the defunct Hive.
Hive was once the most powerful and influential ransomware entity in the world until the FBI cracked it in January of last year. Hunters International became public in October 2023 with a controversial public post.
This contained a statement that admitted to the group purchasing Hive’s source codes after the latter dissolved. However, the hackers couldn’t use Hive’s assets because they filled with “a lot of mistakes,” rendering them almost worthless.
No matter what the truth is, Hunters International has been observed to use tactics and approaches similar to Hive, although their general MO changed with time. The hackers are fierce negotiators and usually demand hefty ransoms.
Most importantly, Hunters International operators prefer to target high-value companies, whether they are state-owned or private. If you believe you could qualify as a victim, you might want to act today.
Educate your staff to identify potential threats and traps and work with actual cybersecurity professionals to resolve your system’s vulnerabilities. And, as we’ve already discussed, do not negotiate with the hackers!
Our Mission
We believe security online security matters and its our mission to make it a safer place.
