‘Hunters International’ Ransomware Gang Hits Chinese ICBC Bank’s London Headquarters

• The Hunters International ransomware group claimed a data breach targeting the London branch of ICBC Bank.
• The threat actor reportedly stole over 5.2 million files from the Chinese bank’s database.
• The alleged exfiltrated data could contain sensitive customer information and may be leaked soon. 

Hunters International ransomware group reportedly claims to have exfiltrated over 5.2 million files from the London branch of the Industrial and Commercial Bank of China (ICBC). The cybercriminal gang allegedly stole 6.6 terabytes of data and set a September 13 deadline to leak the information unless their demands were met.

Hunters International's claims have not yet been verified, and the bank has yet to announce the scope and nature of the cyberattack. 

A major player in the financial sector and the largest bank globally by assets, ICBC holds $6.3 trillion as of mid-2024, with an annual revenue of $113 billion.

Hunters International is part of a ransomware-as-a-service (RaaS) operation and debuted in October 2023 and claimed approximately 40 confirmed ransomware attacks that impacted about 1.4 million records. 

Despite its recent entry into the ransomware landscape, the threat actor rapidly gained notoriety, claiming responsibility for breaches in over 134 organizations worldwide this year alone. This list of victims notably excludes Russia, indicating a possible geographic strategy behind the group's operations.

Recently confirmed attacks claimed by Hunters International on financial companies include Quálitas Compañía de Seguros (Mexico) in August 2024 and Bank Rakyat (Malaysia) last week.

Recently, hundreds of Indian banks went offline as a ransomware attack hit a local technology provider that works with numerous banks in the country. In other news, Highline Public Schools was the victim of an unclaimed cyberattack that suspended all school activities on the first day of school.