Tag Archive for: international

Hunters International Ransomware Adds Four New Victims


The Hunters International ransomware group has claimed four new victims, expanding its reach across industries and countries.

The targeted organizations include Gunning & LaFazia in the United States, Thermosash Commercial Limited in New Zealand, PROJECT M.O.R.E. in the U.S., and Bradford Health Care, a healthcare institution.

The Targets: Diverse Industries and Geographic Locations

The announcement of the cyberattack was made through the group’s dark web portal, showcasing their continued audacity in breaching security systems. The implications of these Hunters International ransomware attacks could be far-reaching, given the diverse industries and geographic locations of the victims.

[Image: Hunters International Ransomware. Source: Twitter]

The USA and New Zealand have found themselves at the forefront of this latest cyber onslaught.


Hunters International Strikes Again: Four New Victims Added to Dark Web Portal

To verify the legitimacy of the Hunters International ransomware attack claim, The Cyber Express Team reached out to the targeted organizations. Unfortunately, as of the writing of this report, no responses have been received, leaving the claims unverified.

Interestingly, the official websites of the targeted organizations were found to be fully functional, raising questions about the authenticity of the Hunters International ransomware group’s assertions.

Hunters International ransomware has become synonymous with a repetitive attack pattern, drawing parallels to their previous operations. A significant revelation from October exposed code overlaps between the ransomware used by Hunters International and the once-dominant Hive ransomware.

Bitdefender, a cybersecurity vendor, confirmed this finding, suggesting a strategic decision by the Hive group to transfer its operations and assets to Hunters International.

Repetitive Tactics: Hunters International Ransomware Attack Pattern

This recent cyberattack on multiple organizations echoes a similar pattern observed in 2023 when the L’Azienda USL di Modena Regional Health Service in Italy fell victim to a cyber breach attributed to Hunters International.

Before these incidents, the ransomware group targeted InstantWhip, a major player with a revenue of US$300 million. InstantWhip has yet to release any…


Hunters International ransomware gang claims to have hacked the Fred Hutch cancer center



Pierluigi Paganini
December 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch).

Another healthcare organization has suffered a ransomware attack: the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch).

The ransomware gang has added the organization to its dark web leak site and is threatening to leak the allegedly stolen data.

Fred Hutchinson Cancer Research Center is an independent, nonprofit research institute based in Seattle, Washington. Its mission is to improve the lives of people worldwide through research, clinical care and education.

The center’s research focuses on cancer prevention, diagnosis, treatment and survivorship. Fred Hutch investigators are making groundbreaking discoveries in cancer genomics, immunotherapy, precision medicine and other fields.

The organization operates a network of clinical sites in the US.

Earlier in December, Fred Hutch disclosed a cyber attack that took place on November 19, 2023. Threat actors had access to its infrastructure.

The Seattle Times reported that Fred Hutch patients started receiving email threats following the cyberattack.

“Then this week, the spam emails started to arrive. The threats were sent to a number of former and current Fred Hutch patients — as well as some who have received care from Hutch partner UW Medicine — and claimed the names, Social Security numbers, phone numbers, medical history, lab results and insurance history of more than 800,000 patients had been compromised,” reported the Seattle Times.

“If you are reading this, your data has been stolen and will soon be sold to various data brokers and black markets to be used in fraud and other criminal activities,” the alleged hackers wrote, according to several emails shared with The Seattle Times.

[Image: Robert M. Arnold Building, Fred Hutchinson Cancer Research Center.]

The organization immediately started its incident response procedure and took impacted systems offline, a circumstance that suggests that Fred Hutch was the…


International arms control system faces multiple challenges



[Image: First test flight of the US B-21 Raider.]

Russia announced that it had completed all procedures for withdrawing from the Treaty on Conventional Armed Forces in Europe (CFE) on November 7, and NATO also declared an official halt in fulfilling relevant contractual commitments on the same day.

In recent years, due to declining strategic mutual trust, the US and Russia, two nuclear powers possessing more than 90% of the world’s nuclear weapons, have frequently withdrawn from the Treaty, posing grave threats to the sustainability of their mutual supervision and transparency mechanism in nuclear arms control and further severely impacting the international nuclear arms control system. Meanwhile, with the old nuclear arms control mechanism already shattered and the new one not yet in place, the two sides are still accelerating the upgrading of their nuclear forces. Not only that, the US works with its allies to actively expand or upgrade extended deterrence. For example, it carried out nuclear submarine cooperation with the UK and Australia, acquiesced in Japan’s stockpile of massive nuclear weapon materials and gradually relieved the restrictions on the ROK’s missile development.

The proliferation and use of nuclear weapons, capable of extinguishing human civilization, have been consistently under the world’s scrutiny. And the increasingly prominent conventional arms control issues also pose serious challenges to global security and development. At present, frequent regional conflicts and violence have provided a hotbed for the illicit trade in conventional weapons, where the discovery and tracing of light and small conventional weapons are particularly challenging. The use of cluster munitions, white phosphorus bombs, depleted uranium bombs and other specific conventional weapons has not only exacerbated the intensity of conflicts in relevant countries and regions, but also triggered serious humanitarian crises. Moreover, some countries’ irresponsible export and management of common or special conventional weapons have also aggravated the contradictions and conflicts. What’s particularly worrisome…


‘Hunters International’ Cyberattackers Take Over Hive Ransomware


The FBI may have successfully disrupted the destructive Hive ransomware operation earlier this year, but the group’s malware code continues to present a threat to organizations everywhere.

In October, a security researcher’s analysis of ransomware used by a new group called Hunters International showed substantial code overlaps with Hive ransomware. A subsequent analysis by Bitdefender found the same similarities, leading researchers at the security vendor to conclude that Hive operators have handed off their crown jewel to another threat actor.

A Strategic Dark Web Decision?

“It appears that the leadership of the Hive group made the strategic decision to cease their operations and transfer their remaining assets to another group, Hunters International,” Bitdefender said in a recent report. “While Hive has been one of the most dangerous ransomware groups, it remains to be seen if Hunters International will prove equally or even more formidable.”

Hive was one of the most active ransomware groups at the time the FBI, in concert with counterparts in Germany and the Netherlands, hacked into the group’s infrastructure and systematically neutralized it over a seven-month period.

During that time, investigators captured over 300 decryption keys from Hive operators and handed them off to victims who were under active attack, saving them a cumulative $130 million in losses. Investigators also found — and handed over — an additional 1,000 decryption keys associated with victims of earlier Hive group attacks. The FBI and its partners seized control of websites and servers that Hive was using at the time, effectively shutting down its operational capabilities.

Emerging Threat

In the months since then, Hive’s operators appear to have transferred their code to Hunters International, a threat group with a relatively low number of victims at the moment but with a mature toolkit and a seeming eagerness to show its capabilities.

“Reputation plays a critical role in the ransomware-as-a-service model, and after the disruptions and months-long law enforcement breach of the Hive ransomware group, Hunters International faces the task of demonstrating its competence before it can attract high-caliber…
