Security News > 2023 > January > Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
2023-01-26 16:20

The infrastructure associated with the Hive ransomware-as-a-service operation has been seized as part of a coordinated law enforcement effort involving 13 countries.

"Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," Europol said in a statement.

The U.S. Department of Justice said the Federal Bureau of Investigation penetrated the Hive networks in July 2022 and captured over 300 decryption keys that were then handed over to companies compromised by the gang, effectively saving $130 million in ransom payments.

The FBI also distributed more than 1,000 additional decryption keys to previous Hive victims, the DoJ added.

Hive, which sprang up in June 2021, has been a prolific cybercrime crew, launching attacks against 1,500 organizations in no less than 80 countries and netting it $100 million in illicit profits.

According to statistics collected by MalwareBytes, Hive claimed 11 victims in November 2022, placing it at the sixth spot behind Royal, LockBit, ALPHV, BianLian, and LV. "Some Hive actors gained access to victim's networks by using single factor logins via Remote Desktop Protocol, virtual private networks, and other remote network connection protocols," Europol explained.


News URL

https://thehackernews.com/2023/01/hive-ransomware-infrastructure-seized.html