Hackers Reportedly Seize Over 380GB of U.S. Marshals Secret Files

The hacking group Hunters International claims to have stolen over 380 GB of sensitive data from the U.S. Marshals Service, including confidential documents covering gangs, active cases, and information related to electronic surveillance. According to the cybersecurity firm Hackmanac, the group published pictures of some of the allegedly stolen records on its data leak site. Hackmanac sent these screenshots to Gizmodo and said that Hunters International exfiltrated more than 327,000 documents from the federal law enforcement agency. The ransom is expected to be paid by August 30.

Other documents that Hunters International is believed to have stolen include files related to “Operation Turnbuckle,” a Marshals operation reported on in 2022 that led to upwards of a dozen arrests of drug trafficking suspects in upstate New York. Members also posted screenshots of gang-related files and active case files, all of which appeared to contain headshots and detailed information about suspects. These disclosures have caused widespread concern over the potential exposure of sensitive law enforcement operations and the safety of those involved.

The U.S. Marshals Service had already suffered another cyber incident in early February 2023, a ransomware attack that put the service out of action for several months. At this stage, it is unclear whether that earlier USMS incident is connected to the data breach Hunters International alleges.

Sofia Scozzari, CEO of Hackmanac, commented that while the source of the data the hackers claimed to have stolen remained uncertain, the timing of the claim raised suspicion of a correlation between the two.

The U.S. Marshals Service said it is aware of the allegations and has reviewed the materials posted online. “Materials reviewed so far do not appear to relate to any recent or unrevealed security breach,” according to a statement from an agency spokesman, Brady McCarron. That would mean the agency believes the breach may relate to older, previously known vulnerabilities or data sets rather than new ones.

Hunters International is a relatively new player in the cybersecurity threat landscape, with researchers first identifying it as a threat group in October 2023. Its emergence shortly after the February 2023 attack on the U.S. Marshals Service has raised speculation about its origins and connections. According to some cybersecurity experts, Hunters International is a rebranding of the Hive ransomware group, which the FBI targeted and broke up after a six-month investigation that ended in January 2023. However, Hunters International claims that it bought and upgraded Hive’s malware and that it does not directly descend from Hive.
