Hive Ransomware Network dismantled by American, European law enforcement agencies
Law enforcement agencies from over a dozen countries in Europe and North America took part in disrupting the activities of the Hive ransomware group, the U.S. Department of Justice and Europol said. Hive is believed to have targeted various organizations worldwide in recent years, often extorting cryptocurrency payments.
Captured decryption keys helped Hive victims avoid paying a $130 million ransom
The Hive ransomware network, which had around 1,500 victims in more than 80 countries, was hit in a months-long disruption campaign, the US Department of Justice (DOJ) and the European Union Agency for Law Enforcement Cooperation (Europol) said. A total of 13 nations took part in the operation, including EU member states, the United Kingdom and Canada.
Hive has been identified as a major cybersecurity threat as the ransomware was used by associated actors to compromise and encrypt data and computer systems of government institutions, oil multinationals, IT and telecommunications companies in the EU and the US, Europol said. Hospitals, schools, financial companies and critical infrastructure were targeted, the DOJ noted.
It has been one of the most prolific ransomware strains, as Chainalysis pointed out, having collected at least $100 million from victims since its launch in 2021. A report from the blockchain forensics firm revealed that revenue from such attacks fell over the past year, with a growing number of affected organizations refusing to pay the demanded ransoms.
According to law enforcement announcements, in July 2022 the US Federal Bureau of Investigation (FBI) penetrated Hive's computers and captured its decryption keys, which it made available to victims around the world, sparing them from paying an additional $130 million.
Working with the German Federal Police and the Dutch High-Tech Crime Unit, the Bureau has now taken control of the servers and websites that Hive used to communicate with its members and victims, including the dark web domain where the stolen data was sometimes posted. FBI Director Christopher Wray was quoted as saying:
The coordinated disruption of Hive's computer networks... demonstrates what we can achieve when we combine a relentless search for useful technical information to share with victims.
Hive ransomware was created, maintained, and updated by developers and distributed by affiliates in a "ransomware-as-a-service" (RaaS) double-extortion model, Europol explained. The affiliates first copied the data and then encrypted the files, then demanded a ransom both to decrypt the information and to keep it from being published on the leak site.
The attackers exploited various vulnerabilities and used a variety of methods, including single-factor logins via Remote Desktop Protocol (RDP), virtual private networks (VPNs) and other remote network connection protocols, as well as phishing emails containing malicious attachments, law enforcement detailed.