Newly emergent ransomware operation Hunters International has launched attacks leveraging the infrastructure and source code of Hive ransomware, which was dismantled in a law enforcement operation in January, The Hacker News reports.
Initial reports described Hunters International as a Hive ransomware rebrand, but Hunters International emphasized that its attack infrastructure was purchased from Hive, said Bitdefender Technical Solutions Director Martin Zugec in a report.
Despite code similarities between both operations, Hunters International has sought to simplify its attacks with reduced command line parameters, more concise malware, and a streamlined encryption key storage approach. Hunters International has also focused more on data exfiltration activities, according to the report.
"While Hive has been one of the most dangerous ransomware groups, it remains to be seen if Hunters International will prove equally or even more formidable... This group emerges as a new threat actor starting with a mature toolkit and appears eager to show its capabilities, [but] faces the task of demonstrating its competence before it can attract high-caliber affiliates," noted Zugec.