• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
new ransomware group emerges with hive's source code and infrastructure

New Ransomware Group Emerges with Hive’s Source Code and Infrastructure

You are here: Home / General Cyber Security News / New Ransomware Group Emerges with Hive’s Source Code and Infrastructure
November 13, 2023

The danger actors guiding a new ransomware group referred to as Hunters Worldwide have acquired the supply code and infrastructure from the now-dismantled Hive procedure to kick-commence its individual attempts in the threat landscape.

“It seems that the leadership of the Hive group manufactured the strategic determination to stop their functions and transfer their remaining belongings to a further group, Hunters International,” Martin Zugec, technical remedies director at Bitdefender, mentioned in a report posted previous 7 days.

Hive, when a prolific ransomware-as-a-provider (RaaS) operation, was taken down as portion of a coordinated legislation enforcement operation in January 2023.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Whilst it’s widespread for ransomware actors to regroup, rebrand, or disband their things to do pursuing such seizures, what can also happen is that the main builders can pass on the source code and other infrastructure in their possession to another menace actor.

Cybersecurity

Studies about Hunters Global as a probable Hive rebrand surfaced last thirty day period immediately after several code similarities had been recognized in between the two strains. It has considering the fact that claimed five victims to day.

The risk actors driving it, nevertheless, have sought to dispel these speculations, stating that it acquired the Hive source code and web page from its developers.

“The group appears to place a bigger emphasis on data exfiltration,” Zugec mentioned. “Notably, all claimed victims experienced facts exfiltrated, but not all of them experienced their details encrypted,” producing Hunters International a lot more of a knowledge extortion group.

Bitdefender’s assessment of the ransomware sample reveals its Rust-based foundations, a point borne out by Hive’s changeover to the programming language in July 2022 for its amplified resistance to reverse engineering.

“In general, as the new group adopts this ransomware code, it seems that they have aimed for simplification,” Zugec claimed.

Cybersecurity

“They have diminished the amount of command line parameters, streamlined the encryption critical storage procedure, and made the malware a lot less verbose in comparison to before variations.”

The ransomware, other than incorporating an exclusion checklist of file extensions, file names, and directories to be omitted from encryption, operates instructions to reduce information restoration as well as terminate a variety of processes that could perhaps interfere with the system.

“Though Hive has been a single of the most hazardous ransomware groups, it stays to be witnessed if Hunters Intercontinental will demonstrate similarly or even more formidable,” Zugec famous.

“This team emerges as a new threat actor commencing with a mature toolkit and seems keen to clearly show its abilities, [but] faces the undertaking of demonstrating its competence in advance of it can attract large-caliber affiliates.”

Found this post attention-grabbing? Adhere to us on Twitter  and LinkedIn to go through a lot more unique content we article.


Some pieces of this short article are sourced from:
thehackernews.com

Previous Post: «top 5 marketing tech saas security challenges Top 5 Marketing Tech SaaS Security Challenges
Next Post: CISA Sets a Deadline – Patch Juniper Junos OS Vulnerabilities Before November 17 cisa sets a deadline patch juniper junos os vulnerabilities»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.