Ransomware group Hunters International goes dark, offers free decryption to victims

The Hunters International ransomware group said it is taking its operations offline and provide free decryption software to companies that the group attacked earlier.

 

On July 3, in a post shared on the dark web, the Hunters International ransomware group said, “After careful consideration and in light of recent developments, we have decided to close the Hunters International project.

 

“This decision was not made lightly, and we recognise the impact it has on the organisations we have interacted with,” the group said.

 

While the ransomware group doesn’t explain what “recent developments” it refers to, today’s announcement follows a November 17 statement in which the group said that it could shut shop because of law enforcement investigations and a lack of profitability.

 

The ransomware group shared decryption software with the companies it attacked earlier, removed all entries from its extortion portal and said victims can request decryption tools and recovery guidance on its official website.

 

“As a gesture of goodwill and to assist those affected by our previous activities, we are offering free decryption software to all companies that have been impacted by our ransomware. Our goal is to ensure that you can recover your encrypted data without the burden of paying ransoms.

 

“We understand the challenges that ransom attack pose, and we hope that this initiative will help you regain access to your critical information quickly and efficiently. To access the description tool and guidance on the recovery process, please visit our official website,” Hunters International added.

 

In April, cybersecurity company Group-IB said that Hunters International was rebranding its operation, mainly focusing on data theft and extortion-only attacks, rather than ransomware and had launched a new extortion-only service known as “World Leaks.”

 

Group-IB added that, unlike Hunters International, which used both encryption and extortion, World Leaks only uses extortion and relies on a custom-built data theft tool. They added that the tool seems to be an improved version of the one used by Hunters International’s ransomware partners.