iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Hunters International ransomware gang has claimed to have exfiltrated data from a Sydney-based accounting firm.
The ransomware group listed T A Khoury & Co on its dark web leak site, claiming to have stolen 63.7 gigabytes worth of data.
Although the specifics of the data are unknown, Hunters International divided the files into two categories – “Client Files” and “Financial Data”.
While both sections have 63.7 gigabytes of data each, the exact same amount of data and the identical number of files (149,205) suggest that both categories hold the same data.
T A Khoury & Co is yet to issue a statement on the incident, but according to the VenariX threat feed, the firm’s website was inaccessible for some time. Cyber Daily has since observed that the website is back up.
Unlike some of its other listings, Hunters International has not put a countdown timer on the T A Khoury & Co listing.
Hunters International is a relatively young ransomware gang, having first appeared in October last year. In a short time, it has launched a number of high-profile attacks, including on the US subsidiary of Australian shipbuilder and defence contractor Austal.
While Hunters International’s origins are up for debate, several cyber experts have concluded that the group appeared out of the ashes of the Hive ransomware group, which was taken down by the FBI midway through last year.
Based on reports, Hunters International has been observed using the same malware code as Hive, with researchers noting a number of substantial code overlaps.
“It appears that the leadership of the Hive group made the strategic decision to cease their operations and transfer their remaining assets to another group, Hunters International,” wrote Bitdefender in a report.
“While Hive has been one of the most dangerous ransomware groups, it remains to be seen if Hunters International will prove equally or even more formidable.”
Be the first to hear the latest developments in the cyber industry.
