hunters
Group profile
In mid-October 2023, just a few days before the Europol operation, the source code of the Ransomware Hive was sold, along with its website and older versions developed in Golang and C (although this purchase has only been reported by the actors without concrete evidence). The buyer of this new source code was the group Hunters International, who claimed to have fixed the bugs in the Ransomware Hive that were responsible for preventing file decryption in some cases. The group also stated that file encryption would not be their primary focus; instead, they would use data theft as a method to pressure victims during extortion attempts.
MITRE ATT&CK TTPs
Execution
Persistence
T1547Boot or Logon Autostart Execution
The threat actor may set system configurations to automatically execute malware during system startup or login.
Defense Evasion
Discovery
T1057Process Discovery
The threat actor may attempt to gather information about running processes on a system.
T1082System Information Discovery
The actor may try to obtain detailed information about the operating system and hardware, including version, patches, hotfixes, and other details.
T1083File and Directory Discovery
The threat actor may enumerate files and directories or search specific locations on a host or network share for certain information within a file system.
Command and Control
T1071Application Layer Protocol
The threat actor can communicate using OSI application layer protocols to avoid network detection/filtering, blending in with existing traffic.
T1071.001Application Layer Protocol: Web Protocols
The threat actor can communicate using web traffic associated application layer protocols to avoid detection.
Impact
T1486Data Encrypted for Impact
The threat actor can encrypt data on the target system or on a large number of systems to disrupt system availability.
Recent victims
showing 50 of 307| Date | Website / victim | Sector | Country |
|---|---|---|---|
| 2025-05-27 |  Corantioquiawww.corantioquia.gov.co | Public Sector | CO |
| 2025-05-27 |  Wrap & Send Serviceswrapandsend.com | Consumer Services | US |
| 2025-05-27 |  Eight8Ate Holdings, Incwww.eight8ate.ph | Consumer Services | PH |
| 2025-05-05 |  GPF Lewiswww.gpflewis.co.uk | Construction | GB |
| 2025-05-05 |  Sioux Chiefwww.siouxchief.com | Manufacturing | US |
| 2025-04-30 |  Telco Intercontinentaltelcointercon.com | Telecommunication | US |
| 2025-04-30 |  Digestive Specialistsdigestivespecialists.com | Healthcare | US |
| 2025-04-30 | Public Sector | ES | |
| 2025-04-28 |  Minnesota Lawyers Mutual Insurancewww.mlmins.com | Financial Services | US |
| 2025-04-25 |  Kenworth Del Surwww.kenworthdelsur.com.mx | Transportation/Logistics | MX |
| 2025-04-25 |  Kasb Bank - K-Tradewww.kasb.com | Financial Services | PK |
| 2025-04-23 |  Mafimafi.com | Not Found | AT |
| 2025-04-21 |  Pharma Forcewww.pharmaforce.be | Healthcare | BE |
| 2025-04-17 |  HOPIwww.hopi.cz | Not Found | CZ |
| 2025-04-06 |  Groupe Delcourtgroupedelcourt.com | Consumer Services | FR |
| 2025-04-06 |  Hofmann Fördertechnik GmbHhofmann-foerdertechnik.com | Manufacturing | DE |
| 2025-04-06 |  IDS Infotechidsil.com | Technology | IN |
| 2025-04-05 |  Nexia Poyiadjis ITnexia.com.cy | Technology | CY |
| 2025-01-11 |  TEDOMtedom.com | Manufacturing | CZ |
| 2025-04-05 |  Blackmon Mooringbmscat.com | Business Services | US |
| 2025-04-04 |  Sansone Groupsansonegroup.com | Not Found | US |
| 2025-04-04 |  National Sign corpnationalsign.net | Manufacturing | US |
| 2025-03-20 |  Cargills Bankcargillsbank.com | Financial Services | LK |
| 2025-03-20 |  Megacentromegacentro.cl | Consumer Services | CL |
| 2025-03-17 |  CableVisioncablevision.qc.ca | Telecommunication | CA |
| 2025-03-16 |  Courageous Home Carecourageoushomecare.com | Healthcare | US |
| 2025-03-11 |  Edesur Dominicanaedesur.com.do | Energy | DO |
| 2025-03-04 |  Tata Technologiestatatechnologies.com | Technology | IN |
| 2025-02-26 |  Kendall Auto Groupkendallautogroup.com | Consumer Services | US |
| 2025-02-04 |  Omni Unitedomni-united.com | Manufacturing | SG |
| 2025-02-25 |  Vermeer Mexicovermeermexico.com | Manufacturing | MX |
| 2025-02-11 |  Nichino Ryokka Co Ltdnichino-ryokka.co.jp | Agriculture and Food Production | JP |
| 2025-02-22 |  SPEED Cospeed.com.eg | Not Found | EG |
| 2025-02-22 |  CCOO Serviciosccoo-servicios.es | Business Services | ES |
| 2025-02-17 |  Swissmemswissmem.ch/en/index.html | Manufacturing | CH |
| 2021-09-09 |  Rogersrogershvac.com | Telecommunication | CA |
| 2025-02-08 |  SAKAI SOUKEN Co.sakai.co.jp | Manufacturing | JP |
| 2025-02-06 |  Robertshawrobertshaw.com | Manufacturing | US |
| 2025-01-20 |  PetroVietnam Exploration Production Corporationpvep.com.vn | Energy | VN |
| 2025-01-11 |  T. Hasegawa USAthasegawa.com | Manufacturing | US |
| 2025-01-11 |  Barber Specialtiesbarberspec.com | Business Services | US |
| 2025-01-11 |  Costexcostex.com | Manufacturing | US |
| 2025-01-11 |  Patriarche Office of Architecturepatriarche.fr | Business Services | FR |
| 2025-01-11 |  COROBcorob.com | Manufacturing | IT |
| 2025-01-11 |  RocSearchrocsearch.com | Business Services | GB |
| 2025-01-11 |  Unisource Information Servicesunisourcejv.com | Technology | US |
| 2025-01-03 |  Nikki-Universal Co Ltdn-u.co.jp | Manufacturing | JP |
| 2024-12-26 |  Family Help & Wellnessfamhelp.com | Healthcare | US |
| 2024-12-15 |  SeaLandAire Technologiessealandaire.com | Technology | US |
| 2024-10-31 |  SmartLynx Airlines SIAsmartlynx.aero | Transportation/Logistics | LV |
