The infamous Hunters Worldwide ransomware-as-a-service operation has introduced that it has shut down, in a message posted on its darkish internet leak web site.
In an announcement on its extortion web site, the ransomware group says that it has not solely “determined to shut the Hunters Worldwide challenge” however can also be providing free decryption instruments to its earlier victims – with no ransom cost required.
Hunters Worldwide doesn’t give a particular cause for its closure, however says that the “vital determination” was made “after cautious consideration and in mild of current developments.”
What may these “current developments” be?
Effectively, the group had beforehand introduced on November 17 2024 that it could be shutting down its operations due to elevated consideration from legislation enforcement and a hunch in earnings. That announcement seems, on reflection, to have been untimely because the Hunters Worldwide group remained energetic.
Then, in April 2025, safety researchers claimed that Hunters Worldwide was deliberate to close down, and seemingly refocusing its modus operandi from exfiltration-encryption-extortion to a pure information theft and extortion-only strategy below a brand new title of “World Leaks.”
If that is correct then this could be simply the newest evolution of the Hunters Worldwide operation, which was itself born out of the ashes of the Hive ransomware group that was infiltrated and dismantled by the FBI.
In brief, though this can be the top of Hunters Worldwide – the aid could also be non permanent.
This week’s announcement on the Hunters Worldwide leak web site coincides with the removing of its listing of previous victims, which have included Indian engineering large Tata Applied sciences and the London department of Chinese language state-owned financial institution ICBC.
The Hunters Worldwide ransomware-as-a-service group has claimed accountability for a number of assaults around the globe, incomes hundreds of thousands of {dollars} price of cryptocurrency for cybercriminals. The one notable nation which seems to have escaped the group’s undesirable consideration is Russia.
Common readers is not going to be shocked to listen to {that a} ransomware group has gone out of its approach to not goal organisations primarily based in Russia – a choice borne out of a want for the nation’s legislation enforcement companies to show a blind eye to their actions.
Whereas the shutdown of Hunters Worldwide might seem to be a victory for cybersecurity, the potential for re-emergence stays vital.
Organisations should proceed to prioritise their cybersecurity to safeguard towards cybercriminals, and keep vigilance.
