The infamous Hunters Worldwide ransomware-as-a-service operation has introduced that it has shut down, in a message posted on its darkish internet leak website.
In a press release on its extortion website, the ransomware group says that it has not solely “determined to shut the Hunters Worldwide venture” however can be providing free decryption instruments to its earlier victims – with no ransom cost required.
Hunters Worldwide doesn’t give a particular cause for its closure, however says that the “vital determination” was made “after cautious consideration and in mild of latest developments.”
What may these “latest developments” be?
Nicely, the group had beforehand introduced on November 17 2024 that it could be shutting down its operations due to elevated consideration from regulation enforcement and a droop in earnings. That announcement seems, on reflection, to have been untimely because the Hunters Worldwide group remained lively.
Then, in April 2025, safety researchers claimed that Hunters Worldwide was deliberate to close down, and seemingly refocusing its modus operandi from exfiltration-encryption-extortion to a pure information theft and extortion-only method below a brand new title of “World Leaks.”
If that is correct then this could be simply the newest evolution of the Hunters Worldwide operation, which was itself born out of the ashes of the Hive ransomware group that was infiltrated and dismantled by the FBI.
Briefly, though this can be the top of Hunters Worldwide – the reduction could also be momentary.
This week’s announcement on the Hunters Worldwide leak website coincides with the elimination of its checklist of previous victims, which have included Indian engineering big Tata Applied sciences and the London department of Chinese language state-owned financial institution ICBC.
The Hunters Worldwide ransomware-as-a-service group has claimed duty for a number of assaults all over the world, incomes thousands and thousands of {dollars} value of cryptocurrency for cybercriminals. The one notable nation which seems to have escaped the group’s undesirable consideration is Russia.
Common readers is not going to be stunned to listen to {that a} ransomware group has gone out of its manner to not goal organisations primarily based in Russia – a choice borne out of a need for the nation’s regulation enforcement companies to show a blind eye to their actions.
Whereas the shutdown of Hunters Worldwide could appear to be a victory for cybersecurity, the potential for re-emergence stays vital.
Organisations should proceed to prioritise their cybersecurity to safeguard towards cybercriminals, and preserve vigilance.
