Hunters International, the ransomware gang behind the Benetton Group and Circle K hacks, claims it’s retiring, adding the “decision was not made lightly.”
The gang announced its departure on its dark web leak site, which was previously used to showcase the hundreds of organizations its affiliates breached and extorted. Unexpectedly for a financially motivated cartel of digital extortionists, the gang will supposedly assist the companies it robbed in the first place.
“As a gesture of goodwill and to assist those affected by our previous activities, we are offering free decryption software to all companies that have been impacted by our ransomware,” the gang’s message said.
It’s not clear what caused such a sudden change of heart. However, it goes without saying that no company should try accepting any software from a cybercriminal gang that made its living by implanting malware on victims’ systems.
Moreover, Hunter International’s claims have not been confirmed at the time of writing.
In an attempt to muddle their true identities and attract new affiliates, ransomware gangs often rebrand. For example, Hunters International was born from the ashes of another major ransomware cartel, Hive.
Cybersecurity researcher Dominic Alvieri claims that Hunters International changed its modus operandi and is switching to data theft and exfiltration. The new operation is named World Leaks.
Hunters International is closing down their operation and as gesture of goodwill they are offering a free decryptor. What swell guys.
undefined Dominic Alvieri (@AlvieriD) July 3, 2025
Don’t forget they are now World Leaks. https://t.co/kELDpT2cCG pic.twitter.com/H3JVXGPDst
Hunters International emerged in late 2023 after the gang was noted for using a modified version of Hive ransomware. According to researchers at the cybersecurity company Bitdefender, it appears that the leadership of the Hive group made the strategic decision to cease operations and transfer its remaining assets to another group.
The gang has been responsible for numerous hacks. Last year, attackers targeted the global fashion company Benetton Group. In June 2024, Hunters claimed they struck a popular convenience store chain, Circle K, with attackers supposedly stealing gigabytes of Circle K Atlanta’s data.
According to Cybernews’ dark web monitoring tool, Ransomlooker, Hunters International has victimized over 300 organizations since its inception.
Your email address will not be published. Required fields are markedmarked