Security News

Hive ransomware servers shut down at last, says FBI
2023-01-27 19:58

Six months ago, according to the US Department of Justice, the Federal Bureau of Investigation infiltrated the Hive ransomware gang and started "stealing back" the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two associated groups of cybercriminals.

FBI takes down Hive ransomware group
2023-01-27 19:47

The FBI has revealed the results of a month-long campaign designed to thwart an infamous ransomware group known for extorting hospitals, school districts and critical infrastructure. Since the FBI's campaign started, more than 300 decryption keys have been given to Hive victims under attack, while more than 1,000 were provided to victims of the gang's previous attacks.

US offers $10M bounty for Hive ransomware links to foreign governments
2023-01-26 20:41

The U.S. Department of State today offered up to $10 million for information that could help link the Hive ransomware group with foreign governments. "If you have information that links Hive or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government, send us your tip via our Tor tip line. You could be eligible for a reward," the State Department's Rewards for Justice Twitter account said.

FBI smokes ransomware Hive after secretly buzzing around gang's network for months
2023-01-26 20:30

The FBI said it has shut down the Hive's ransomware network, seizing control of the notorious gang's servers and websites, and thwarting the pesky criminals' ability to sting future victims. The takedown, which happened Wednesday night, was the culmination of a seven-month covert operation during which the FBI hacked Hive's network and used that access to provide decryption keys to more than 300 victims, saving them $130 million in ransomware payments, we're told.

Authorities shut down HIVE ransomware infrastructure, provide decryption tools
2023-01-26 16:45

Europol supported the German, Dutch and US authorities in taking down the infrastructure of the prolific HIVE ransomware. In the last year, HIVE ransomware has been identified as a major threat as it has been used to compromise and encrypt the data and computer systems of large IT and oil multinationals in the EU and the USA. Since June 2021, over 1 500 companies from over 80 countries worldwide have fallen victim to HIVE associates and lost almost EUR 100 million in ransom payments.

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
2023-01-26 16:20

The infrastructure associated with the Hive ransomware-as-a-service operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," Europol said in a statement.

Hive ransomware disrupted after FBI hacks gang's systems
2023-01-26 15:14

The Hive ransomware operation's Tor payment and data leak sites were seized as part of an international law enforcement operation after the FBI infiltrated the gang's infrastructure last July. Today, the US Department of Justice and Europol announced that an international law enforcement operation secretly infiltrated the Hive ransomware gang's infrastructure in July 2022, when they secretly began monitoring the operation for five months.

Hive ransomware dark web sites seized by law enforcement
2023-01-26 15:14

Today, the Hive ransomware Tor payment and data leak sites were seized as part of an international law enforcement operation involving the US Department of Justice, FBI, Secret Service, Europol, and Germany's BKA and Polizei. The seizure notice on the Tor sites also lists a wide range of other countries involved in the law enforcement operation, including Canada, France, Lithuania, Netherlands, Norway, Portugal, Romania, Spain, Sweden, and the United Kingdom.

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
2023-01-16 10:09

Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency's Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33," Qihoo Netlab 360's Alex Turing and Hui Wang said in a technical write-up published last week.

Hive ransomware crooks extort $100m from 1,300 global victims
2022-11-18 20:35

Hive ransomware criminals have hit more than 1,300 companies globally, extorting about $100 million from its victims over the last 18 months, according to the FBI. While Hive has only been around since June 2021, the ransomware-as-a-service operator has been extremely prolific in its relatively short existence, and taken an intense liking to critical infrastructure and hospitals, where locked IT systems can literally be a matter of life and death. While the initial intrusion will depend on which Hive affiliate is carrying out the attack, the criminals have broken into networks using stolen single-factor RDP logins, virtual private networks and other remote network connection protocols, according to the agencies.