Hunters International
Kickidler employee monitoring software abused in ransomware attacks
Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims’ activity, and harvesting credentials after breaching their networks. In attacks observed by cybersecurity companies Varonis and Synacktiv, Qilin and Hunters International ransomware affiliates installed Kickidler, an employee monitoring tool that can capture keystrokes, take screenshots, and create videos of the screen. Kickidler’s developer says the tool […]
Hunters International shifts from ransomware to pure data extortion
The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to data theft and extortion-only attacks. As threat intelligence firm Group-IB revealed this week, the cybercrime group remained active despite announcing on November 17, 2024, that it was shutting down due to declining profitability and increased government scrutiny. Since then, […]
Hunters International ransomware claims attack on Tata Technologies
The Hunters International ransomware gang has claimed responsibility for a January cyberattack attack on Tata Technologies, stating they stole 1.4TB of data from the company. Tata Technologies provides engineering and digital solutions for manufacturing industries worldwide. Founded in 1989 and based in Pune, it operates in 27 countries with over 12,500 employees, specializing in automotive, aerospace, […]
AutoCanada says ransomware attack “may” impact employee data
AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. Although the firm says it has detected no fraud campaigns targeting impacted individuals, it is sending notifications to alert affected people of potential risks. In mid-August, the car dealership company disclosed that it had […]
US Marshals Service disputes ransomware gang’s breach claims
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group’s leak site on Monday. “USMS is aware of the allegations and has evaluated the materials posted by individuals on the dark web, which do not appear to derive […]
Ransomware gang targets IT workers with new SharpRhino malware
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. The malware helps Hunters International achieve initial infection, elevate their privileges on compromised systems, execute PowerShell commands, and eventually deploy the ransomware payload. Quorum Cyber researchers who discovered the new malware report that it […]