One of the most dangerous ransomware kits around might have just gotten a rebrand

Ransomware
Image Credit: Shutterstock (Image credit: Shutterstock)

There is a good chance that one of the world’s most dangerous ransomware operators out there - Hive - has just gotten a rebrand.

Earlier this month, security researchers spotted a new player in the ransomware game, called Hunters International. The group doesn’t focus on encrypting their victims’ endpoints as much as it focuses on data theft and so far, it only managed to compromise one victim- a UK school.

However, the group’s encryptor is strikingly similar to that of Hive. More than 60% of the code overlaps with that of Hive ransomware, researchers said, with some going so far as to pinpoint the exact version of Hive that was rebranded - version 6.

Dismantled by the FBI

Hunters International, though, is having none of it. The group claims to have bought not just the encryptor source code, but also the website and old Golang and C version. The group also claims Hive’s encryptor came with a few bugs that it fixed.

If both groups were active at the same time, then it would clear any confusion as to whether they were the same or different operators. As things stand now, that most likely won’t happen, as Hive’s operations were terminated after its Tor payment and data leak site were confiscated by law enforcement early this year. 

Hive had 250 affiliates, BleepingComputer further stated, allowing the FBI to infiltrate the network and keep a low profile for half a year, gathering intelligence and mapping the group out. Before the seizure, Hive breached more than 1,300 companies and extorted more than $100 million from its victims. 

FBI’s work resulted in a decryption key that was handed out to more than 1,300 victims. 

In order to avoid being targeted by the police, most ransomware groups these days refrain from attacking critical infrastructure organizations, state organizations, or healthcare institutions.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
China government-linked hackers caught running a seriously dangerous ransomware scam
Illustration of a laptop with a magnifying glass exposing a beetle on-screen
This devious macOS malware is evading capture by using Apple's own encryption
A person at a laptop with a cybersecure lock symbol floating above it.
Cybercrime gang targets victims with "triple threat" attacks
Lock on Laptop Screen
Clop ransomware lists Cleo cyberattack victims
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
Latest in Security
Data leak
Hacked Tata Technologies data leaked by ransomware gang
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Avast cybersecurity
UK cybersecurity sector could be worth £13bn, research shows
An option to add Ambient Music buttons to the iOS 18.4 Control Center.
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Latest in News
The Steam Logo on a mobile phone in front of a wall of games.
Today’s Steam Spring Sale features my absolute favorite game of all time - here's when the sale starts and all the key info
Apple iPhone 16 Pro Max REVIEW
The latest iPhone 17 Pro Max leak may have given us another look at its upcoming redesign
Half-Life running on a smartwatch
This Redditor installed a game engine on their smartwatch, and now it runs Doom, Quake, and Half-Life
Samsung Galaxy Z Fold 6
The Samsung Galaxy Z Fold 7 could be in line for a Galaxy S25 Ultra-level camera upgrade
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Three iPhones on a green and blue background showing trails on Apple Maps
iOS 18.4 will give your iPhone a much-needed maps upgrade – but only if you're in the EU