Authorities shut down HIVE ransomware infrastructure, provide decryption tools

2023-01-26 16:45

Europol supported the German, Dutch and US authorities in taking down the infrastructure of the prolific HIVE ransomware.

In the last year, HIVE ransomware has been identified as a major threat as it has been used to compromise and encrypt the data and computer systems of large IT and oil multinationals in the EU and the USA. Since June 2021, over 1 500 companies from over 80 countries worldwide have fallen victim to HIVE associates and lost almost EUR 100 million in ransom payments.

Affiliates executed the cyberattacks, but the HIVE ransomware was created, maintained and updated by developers.

Since June 2021, criminals have used HIVE ransomware to target many businesses and critical infrastructure sectors, including government facilities, telecommunication companies, manufacturing, information technology, and healthcare and public health.

Some HIVE actors gained access to victim's networks by using single factor logins via Remote Desktop Protocol, virtual private networks, and other remote network connection protocols.

Europol streamlined victim mitigation efforts with other EU countries, which prevented private companies from falling victim to HIVE ransomware.

News URL

https://www.helpnetsecurity.com/2023/01/26/hive-ransomware-shut-down/

#decryption #ransomware #hive #infrastructure #tools