Hunters International, one of the most active ransomware operations of the past two years, said on 3 July that it is shutting down and will provide free decryption software to all organisations it previously extorted. In a statement on its dark-web site the group asked victims to request keys through its portal, saying the move aims to let companies "recover your encrypted data without the burden of paying ransoms." The gang emerged in late 2023 and has since claimed nearly 300 attacks worldwide, targeting entities ranging from the U.S. Marshals Service and Japanese optics maker Hoya to Oklahoma-based Integris Health and the Fred Hutch Cancer Center. Ransom demands reportedly ranged from hundreds of thousands to several million dollars, depending on the size of the victim. Cyber-security analysts at Recorded Future and Group-IB say the closure may be a strategic rebrand rather than a retirement. Evidence collected since April indicates the operators are migrating to a data-extortion outfit known as World Leaks, a shift that could help them evade growing law-enforcement scrutiny that has made ransomware "extremely risky," according to previous messages attributed to the group.