• Law enforcement authorities from over a dozen countries in Europe and North America have dismantled the operations of the Hive ransomware group.
• The ransomware has targeted various organizations worldwide in the past couple of years, often extorting payments in cryptocurrency.
• The FBI captured the decryption keys of the ransomware, helping victims avoid paying $130 million in ransom.
Law enforcement authorities from the United States, Europe, and Canada have joined forces to take down one of the world’s most notorious ransomware networks, Hive. The FBI, Europol, and the U.S. Department of Justice (DOJ) all took part in the months-long campaign to disrupt the activities of this group, which is believed to have targeted organizations worldwide over the past few years.
Hive is a major cybersecurity threat, having been used by its affiliates to infiltrate and encrypt data and computer systems of government facilities, oil multinationals, IT and telecom companies in the EU and U.S., according to Europol. Hospitals, schools, financial firms, and critical infrastructure have also been affected. Chainalysis, a blockchain forensics company, estimated that the ransomware has collected at least $100 million from victims since its launch in 2021.
The FBI penetrated Hive’s computers in July 2022 and retrieved its decryption keys. The agency then provided those keys to victims, helping them avoid a total of $130 million in ransom payments.
Hive has had around 1,500 victims in more than 80 countries, according to the DOJ. The law enforcement agencies involved in the disruption campaign have worked together to share intelligence, collaborate on investigations, and coordinate the takedown of the network.
The Hive ransomware network is the latest to be taken down by law enforcement in recent years. In 2021, the Emotet botnet was dismantled and the Babuk ransomware group was arrested. Law enforcement agencies have also disrupted the operations of the REvil and Sodinokibi ransomware gangs.
The success of these operations shows that law enforcement is taking ransomware threats seriously. As cybercrime continues to become more sophisticated, it is important that international cooperation between law enforcement agencies continues to be strengthened. This will help protect organizations and individuals from the threat of ransomware attacks.