Particle.news
Download on the App Store
3 ARTICLES
·
4d ago

Hunters International Ransomware Operation Ends and Offers Free Decryption Tools

The move marks a retreat from encryption-based attacks after law enforcement pressure coupled with shrinking profits in favor of data-only extortion.

Image
A screenshot of the Hunters International website and logo. (Image: TechCrunch)
Image

Overview

  • Hunters International has wiped its dark web leak site entries and invited affected organizations to request free decryption software and recovery guidance from its official portal.
  • The group first signaled an impending shutdown in November, attributing the decision to intensifying enforcement risks and diminishing profitability.
  • Since late 2023, Hunters International claimed nearly 300 global ransomware incidents, striking sectors including healthcare, manufacturing, and government.
  • Cybersecurity firm Group-IB reported in April that the operation had rebranded as World Leaks to focus solely on exfiltrating and extorting data without deploying encryption.
  • Security analysts view this shift as part of a broader ransomware trend toward data-only extortion to circumvent tougher sanctions and sustain illicit revenue.