The infamous Hunters Worldwide ransomware-as-a-service operation has introduced that it has shut down, in a message posted on its darkish internet leak web site.
In a press release on its extortion web site, the ransomware group says that it has not solely “determined to shut the Hunters Worldwide challenge” however can be providing free decryption instruments to its earlier victims – with no ransom cost required.
Hunters Worldwide doesn’t give a particular cause for its closure, however says that the “vital determination” was made “after cautious consideration and in mild of current developments.”
What may these “current developments” be?
Properly, the group had beforehand introduced on November 17 2024 that it will be shutting down its operations due to elevated consideration from regulation enforcement and a hunch in earnings. That announcement seems, on reflection, to have been untimely because the Hunters Worldwide group remained energetic.
Then, in April 2025, safety researchers claimed that Hunters Worldwide was deliberate to close down, and seemingly refocusing its modus operandi from exfiltration-encryption-extortion to a pure knowledge theft and extortion-only method below a brand new identify of “World Leaks.”
If that is correct then this is able to be simply the newest evolution of the Hunters Worldwide operation, which was itself born out of the ashes of the Hive ransomware group that was infiltrated and dismantled by the FBI.
Briefly, though this can be the tip of Hunters Worldwide – the aid could also be short-term.
This week’s announcement on the Hunters Worldwide leak web site coincides with the removing of its listing of previous victims, which have included Indian engineering large Tata Applied sciences and the London department of Chinese language state-owned financial institution ICBC.
The Hunters Worldwide ransomware-as-a-service group has claimed duty for a number of assaults all over the world, incomes tens of millions of {dollars} value of cryptocurrency for cybercriminals. The one notable nation which seems to have escaped the group’s undesirable consideration is Russia.
Common readers is not going to be shocked to listen to {that a} ransomware group has gone out of its approach to not goal organisations based mostly in Russia – a call borne out of a need for the nation’s regulation enforcement businesses to show a blind eye to their actions.
Whereas the shutdown of Hunters Worldwide might seem to be a victory for cybersecurity, the potential for re-emergence stays vital.
Organisations should proceed to prioritise their cybersecurity to safeguard towards cybercriminals, and preserve vigilance.
