The U.S. Justice Department (DoJ) in conjunction with the Federal Bureau of Investigation (FBI) crackdown on the Hive ransomware group through its months-long disruption campaign.
According to the report, Hive ransomware group “targeted more than 1,500 victims in over 80 countries around the world, including hospitals, school districts, financial firms, and critical infrastructure.”
Attorney General Merrick B. Garland stated, “Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world.”
The Hive group which operates a ransomware-as-a-service (RaaS) model has targeted over 1,500 victims worldwide since June 2021 and has amassed over $100 million in crypto extortion payments.
Attacks by Hive ransomware hampered victims’ daily activities across the globe and hampered responses to the COVID-19 outbreak.
Operators from the Hive used a double-extortion attack strategy where an affiliate would steal or exfiltrate confidential information before encrypting the target.
The affiliate then demanded crypto ransom in exchange for a promise not to disclose the stolen data in addition to the decryption key required to unlock the victim’s system.
For added pressure to pay, Hive attackers usually targeted a victim’s system’s most private information. On the Hive Leak Site, Hive exposed the information of victims who refuse to pay.
The FBI has infiltrated Hive’s computer networks since late July 2022, obtained its decryption keys, and made them available to victims all over the world, sparing them from having to pay the $130 million requested in ransom.
The FBI has given over 300 Hive victims who were being attacked the decryption keys since breaking into Hive’s network. Additionally, the FBI gave more than a thousand extra decryption keys to previous Hive victims.
The Justice Department reports that it has taken control of the servers and websites in collaboration with German law enforcement and the Netherlands National High Tech Crime Unit that Hive uses to interact with its members, preventing Hive from attacking and extorting victims.