A hacking group claims to have stolen more than 380 gigabytes of data from the U.S. Marshals Service, including confidential and top-secret documents and records about gangs, active cases, and electronic surveillance.
The ransomware group Hunters International took credit for the breach and posted pictures of the allegedly stolen records on its data leak site, according to the cybersecurity firm Hackmanac, which provided screenshots of the post to Gizmodo. In total, the group claims to have exfiltrated more than 327,000 files from the federal law enforcement agency responsible for tracking down fugitives and running the witness protection program. The hackers set an August 30 deadline for a ransom to be paid.
A spokesperson for the U.S. Marshals Service told Gizmodo he could not yet confirm the breach’s authenticity but that the agency was looking into the claims. In addition to screenshots of what it says are gang files and active case files, which appear to contain headshots and other information about suspects, the hacking group also posted documents it claimed were from “Operation Turnbuckle.” In 2022, upstate New York media outlets reported on a marshals operation by the same name that led to the arrest of more than a dozen drug trafficking suspects.
If confirmed, this would be the second major breach of the Marshals’ computer systems in as many years. The agency suffered a debilitating ransomware attack in February of 2023 that crippled some of its systems for months. It’s not immediately clear whether the data Hunters International claims to have stolen is connected to that breach, said Sofia Scozzari, the CEO of Hackmanac. Cybersecurity researchers first identified Hunters International as a threat group in October 2023, about eight months after the U.S. Marshals Service ransomware attack.
After Hunters International emerged on the scene, cybersecurity researchers speculated that it was a rebranding of the Hive ransomware group, which the FBI infiltrated and disrupted in a six-month investigation culminating in January 2023. Hunters International, however, claimed that it had simply purchased Hive’s malware and improved upon it. Hackmanac has tracked 181 attacks connected to the group targeting a wide range of victims across private industry and government.
The group offers ransomware-as-a-service, meaning it sells and rents out its malware that infects a target’s system and encrypts the files. The attacker then charges a fee to return access to the files. About 75 percent of the Hunters International attacks Hackmanac has documented involve ransomware, Scozzari said, but in its posts about the U.S. Marshals Service’s data the group did not claim to have encrypted the files in addition to stealing them, as it has done previously.
“It is clear that for Hunters, data is money and the group’s main focus is maximizing profits” rather than any political motivation, Scozzari said. “In this regard, the more sensitive the stolen data, the greater the chances of receiving a large payment.”