- The FBI has taken down the server of the ransomware group Hive while preventing $130 million in ransom demands.
- Hive has operated since 2021, targeting hospitals, schools, and financial institutions.
- The U.S. Department of State is offering up to $10 million for information on the group.
The United States Department of Justice (DOJ) has announced that the Federal Bureau of Investigation (FBI) has seized the website and thwarted over $130 million in crypto demands from the notorious ransomware group, Hive.
Over 1,500 Victims Attacked by Hive
According to reports, the Hive ransomware group used affiliates to target over 1,500 hospitals, schools, and banks in over 80 countries. The group has amassed over $100 million from its victims since 2021.
Hive created malware that would encrypt computer systems after affiliates stole sensitive documents. The affiliates would demand ransom for both the data and a decryption key.
The report states that Hive attacked a Midwestern hospital, disrupting care amid the COVID-19 pandemic. The hospital was forced to pay a ransom before treating its patients online.
Hacking the Hacker
The Justice Department said that it began infiltrating the group in July 2022. FBI agents, including those in the Orlando office, penetrated Hive’s computer networks and performed a “21st-century high-tech cyber stakeout.”
Once inside Hive's systems, the agents collected decryption keys for victims under attack by the group. FBI agents provided over 1,300 decryption keys to help victims recover their data and systems.
In acting before payments were made to Hive, the FBI prevented victims from being forced to pay approximately $130 million in ransoms to Hive affiliates.
After six months of operating from within, the DOJ announced on Thursday, January 26th, that the FBI and international partners in Germany and the Netherlands had successfully taken down Hive’s infrastructure and seized their servers.
Ransomware Payments Exceeded $130 Million
While the FBI thwarted $130 million in crypto ransom demands, the notorious organization had extorted more from institutions.
According to FBI Director Chris Wray, only about 20% of Hive’s victims reported the ransomware attacks to law enforcement agencies.
To achieve a better outcome, the Justice Department has urged individuals and institutions to alert investigators to potential attacks in real-time.
U.S. Opens Bounty for Hive Affiliates
Federal prosecutors do not plan to stop at taking down Hive’s servers. The Department of State today offered up to $10 million for information that could help track down the ransomware group.
The State Department’s Rewards for Justice Twitter account has called on members of the public with information to reach them “on Signal, Telegram, WhatsApp, or via our Tor-based tip line.”
On the Flipside
- The FBI has not made any arrests concerning Hive’s illicit activities, but prosecutors say the investigation is active and ongoing.
Why You Should Care
The Justice Department has noted that it will spare no resources to bring to justice the perpetrators of the increasingly frequent ransomware attacks across the United States.