New Ransomware Group Emerges with Hive's Source Code and Infrastructure

Cyber Security Threat Summary:
Hunters International, a newly emerged ransomware group, has acquired the source code and infrastructure from the dismantled Hive operation, a once-prolific ransomware-as-a-service (RaaS) group. The Hive group's operations were halted as part of a coordinated law enforcement effort in January 2023. This move allowed Hunters International to start its own cyber threat activities with a mature toolkit.

Unlike traditional ransomware groups, Hunters International focuses on data exfiltration. All reported victims have had data exfiltrated, but not all had their data encrypted. The ransomware is based on the Rust programming language, making it more resistant to reverse engineering. The new group has simplified the ransomware code, reduced command line parameters, and made the malware less verbose.

Security Officer Comments:
Hunters International faces the challenge of demonstrating its competence and attracting high-caliber affiliates to establish a reputation in the cyber threat landscape. As they begin with a mature toolkit, their future success and notoriety will depend on their ability to showcase their expertise in the evolving world of cyber threats.