On Thursday, January 26, 2019, the United States DoJ and FBI made public (1) the results of a joint investigation conducted over several months. The investigation completely disrupted the operations of the Hive ransomware group.
Ransomware Created by the Hive Group
According to the inquiry's findings, the Hive ransomware organization has targeted more than 1,500 victims in 80 countries, including hospitals, financial businesses, school districts, and other essential infrastructure.
Over the last eight months, FBI agents infiltrated the computer networks used by Hive, extracted the decryption keys, and made them available to victims worldwide. In doing so, they helped victims avoid paying $130 million in ransom demands.
According to the report, the FBI has given 300 decryption keys to former victims of Hive since July 2022.
In addition, the FBI has been collaborating with German law enforcement agencies and the Netherlands National High Tech Crime Unit, which has left Hive unable to attack and extort people as effectively as before.
Merrick B. Garland, the Attorney General of the United States, had this to say in response to the recent development:
"Late last night, the Justice Department successfully dismantled a worldwide ransomware network that was involved in embezzling and trying to blackmail several hundred million dollars off individuals in the United States and throughout the world. We will keep working both to stop these assaults and to help those who have been hurt in them. Individuals who have been attacked will continue to get our assistance. In addition, with the help of our allies from other nations, we will keep up our efforts to dismantle the criminal organizations behind these acts."
Crypto Blackmail Has Been Increasing
The number of ransomware attacks involving cryptocurrency has also been on the rise, coinciding with the robust expansion of the cryptocurrency industry. In its most basic form, ransomware is malicious software that demands a ransom payment before the victim can regain access to a computer.
Recently, attackers have begun seeking ransom payments mainly in cryptocurrencies. Any electronic device connected to the internet is at risk of becoming a victim of ransomware. Phishing attacks, however, are most often the primary attack vector.
According to the FBI, Hive specifically targets victims to steal sensitive information, including documents, emails, photographs, and videos. After some time has passed, the group encrypts this data and then demands a ransom in Bitcoin from the victims in exchange for the decryption key required to recover the files.
In addition, Hive would extort additional money in exchange for a promise not to expose the stolen material on the dark web. If the victim does not pay, Hive makes the information available on the dark web.
According to Garland, "The Court Department will spare no expense in its pursuit to identify and bring to justice anybody, wherever in the world, who attacks the United States with such a ransomware assault."