Hunters

Malware updated 11 days ago (2024-08-27T19:17:57.944Z)
Malware hunters, also known as bug hunters, are cybersecurity professionals who identify and address vulnerabilities in computer systems. In 2023, these experts earned $1,038,250 for identifying 58 unique zero-day vulnerabilities at Pwn2Own Toronto, a high-profile hacking event. This success underscores the critical role that these professionals play in securing digital infrastructure and protecting against malicious software, or malware. Companies such as Trend have been pioneering AI innovations since 2005 to support these security operations center (SOC) analysts and threat hunters, streamlining their operations and enhancing risk response.

In recent years, hacktivist groups like Anonymous Venezuela and Cyber Hunters have taken a more active role in political conflicts, as demonstrated by their attacks on the Venezuelan government following the contested presidential elections on July 28th, 2024.

Meanwhile, other groups like Hunters International have shifted their focus towards financial gain. Using a malware called SharpRhino, they establish control over targeted systems to launch sophisticated ransomware attacks. These attacks are not limited to any specific sector or region but are opportunistic in nature. The group also employs tactics such as data exfiltration before file encryption, changing file extensions to .locked, and guiding victims to a chat portal on the Tor network for payment instructions.

Hunters International, linked to Russia, has shown progression in its tactics. This group acquired the SharpRhino malware from its original owners, who disbanded after international law enforcement intervened. Researchers from Quorum Cyber revealed that Hunters International has been active since October of the previous year and is deploying Hive ransomware. This evolution of ransomware groups highlights the constant advancements in cyber threats and the need for continuous vigilance and innovation in cybersecurity.
Description last updated: 2024-08-27T19:16:30.709Z
Aliases
We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Malware
Ransom
Exploit
Vulnerability
Facebook
Associated Malware
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Hive | Unspecified | 2 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated |
Associated Threat Actors
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Hunters International | Unspecified | 2 | Hunters International, a threat actor group allegedly linked to Russia, has emerged as a significant cybersecurity concern. The group, which has been active since October of the previous year, is known for executing malicious actions with intent to cause harm and gain financially. They have recently |
| Hive Ransomware | Unspecified | 2 | Hive ransomware, a notorious threat actor, emerged as one of the most prolific groups in 2022, executing a series of cyberattacks with malicious intent. This group was responsible for numerous ransomware attacks, causing significant disruptions and damage across various sectors. However, in January |
Source Document References
Information about the Hunters Malware was read from the documents corpus below. This display is limited to 20 results.
| Source Link | Created At | Title |
| --- | --- | --- |
| InfoSecurity-magazine | 8 days ago | Published Vulnerabilities Surge by 43% |
| Trend Micro | 11 days ago | 7 Cyber Attack Vectors & How to Protect Them |
| Checkpoint | 20 days ago | 19th August – Threat Intelligence Report - Check Point Research |
| Securityaffairs | a month ago | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6 |
| Securityaffairs | a month ago | security-affairs-malware-newsletter-round-5 |
| DARKReading | a month ago | Hunters International Masks SharpRhino RAT as Legit Network Admin Tool |
| CERT-EU | 8 months ago | Russia hacked ex-MI6 chief’s emails – what they reveal is more Dad’s Army than deep state \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker |
| CERT-EU | 6 months ago | GoSecure Titan® Managed Extended Detection & Response (MXDR) Foundation |
| CERT-EU | 6 months ago | HackerGPT 2.0 – A ChatGPT-Powered AI Tool for Cyber Security \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker |
| CERT-EU | 6 months ago | Russian hackers unleash sophisticated phishing campaigns across the globe |
| MITRE | 2 years ago | Big Game Hunting: The Evolution of INDRIK SPIDER From Dridex Wire Fraud to BitPaymer Targeted Ransomware |
| CERT-EU | a year ago | ThreatHunter.ai: This Labor Day Holiday in the Ruthless Digital Frontier, We Are Your First and Last Line of Defense |
| CERT-EU | 10 months ago | Weaponizing Wheat: How Strategic Competition With Russia Could Threaten American Food Security – Analysis |
| CERT-EU | 9 months ago | Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access |
| CERT-EU | a year ago | Here’s how I get the most out of Burp Suite reporting |
| CERT-EU | 9 months ago | Future-Proofing Cybersecurity: A Deep Dive into WithSecure's Innovative Mid-Market Security Solutions - Cybersecurity Insiders |
| CERT-EU | 6 months ago | LockBit Ransomware Gang Returns, Taunts FBI and Vows Data Leaks |
| CERT-EU | 2 years ago | Which dating app should you use? This guide can help you figure it out. |
| CERT-EU | a year ago | OnlyDcRatFans: Malware Distributed Using Explicit Lures of OnlyFans… |
| Malwarebytes | 6 months ago | Facebook bug could have allowed attacker to take over accounts \| Malwarebytes |