SharpRhino malware targets IT admins – Hunters International gang suspected
2024-08-07 05:29

The latest malware from upstart criminal gang Hunters International appears to be targeting network admins, using attack code disguised as the popular networking tool Angry IP Scanner.

The malware seekers at Quorum Cyber identified the password to the archive, and once inside found an application named Microsoft.

Once its malware is firmly embedded in the system, Hunters International can use its remote access to spread out across the network and from there deploy more malware and info-stealing code.

Based on the code, the tactics it uses, and the vector of attack, Quorum Cyber's analysts strongly suspect this malware is the work of Hunters International - a ransomware-as-a-service gang that was first spotted in October of last year.

Its speedy rise - and its use of the Hive ransomware in the early days - led many to suspect that the Hunters are simply the Hive crew rebranded.

"So far, Hunters International has claimed responsibility for 134 attacks in the first seven months of 2024," wrote Quorum Cyber threat intelligence analyst Michael Forret.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/08/07/sharprhino_malware_admins/