Worldleaks

Also known as Hunters International
Reports
18
First seen
May 11
Last seen
Jun 23
Motivation
extortion, financial extortion, financial

Targeting

Sectors
manufacturing ×7financial services ×2healthcare ×2professional services ×1energy utilities ×1agriculture ×1transportation logistics ×1retail ecommerce ×1
Victim regions
India ×6United States ×4Canada ×1Thailand ×1

Top ATT&CK techniques

T1566 Phishing ×1T1056 Input Capture ×1T1005 Data from Local System ×1T1187 Forced Authentication ×1T1053 Scheduled Task/Job ×1T1567 Exfiltration Over Web Service ×1T1190 Exploit Public-Facing Application ×1T1598 Phishing for Information ×1T1059 Command and Scripting Interpreter ×1

Indicators

domain ×33ip_v4 ×14cve ×4hash_md5 ×2hash_sha256 ×2hash_sha1 ×1

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

High

Tata Electronics confirms cyberattack; World Leaks group claims stolen Apple manufacturing data

Bleeping Computer
High

Tata Electronics confirms cyberattack after World Leaks publishes alleged Apple, Tesla documents

The Record (Recorded Future News)
High

Worldleaks publishes L'Archevque & Rivest Ltée as ransomware victim

ransomware.live
High

Worldleaks publishes Super Finishing as ransomware victim

ransomware.live
High

Worldleaks publishes Reliance Group as ransomware victim

ransomware.live
High

Worldleaks publishes Tata Electronics as ransomware victim

ransomware.live
High

Worldleaks publishes First Federal Savings & Loan as ransomware victim

ransomware.live
High

Worldleaks claims Centra Sota Cooperative ransom victim

ransomware.live
High

Worldleaks publishes Apollo Pipes as new ransomware victim

ransomware.live
High

Worldleaks publishes GDL Transport as ransomware victim

ransomware.live
High

Worldleaks publishes M1xchange (Indian trade receivables platform) as ransomware victim

ransomware.live
High

Worldleaks publishes Access Dental as ransomware victim

ransomware.live
High

Worldleaks publishes United Auto Supply as new victim

ransomware.live
High

Worldleaks publishes CH Karnchang Public as ransomware victim

ransomware.live
High

Worldleaks ransomware gang publishes American Battery Factory as victim

ransomware.live
High

Worldleaks publishes BMJ Paperpack as ransomware victim

ransomware.live
High

Worldleaks claims Bestat Pharmaservices Corp victim

ransomware.live
unrated

Check Point Research Threat Intelligence Report – 11 May

Check Point Research

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.