Tuesday, February 27, 2024

U.S. Offers $10 Million Reward for Information on Hive Ransomware

The United States State Department has recently revealed a $10 million reward for any valuable information that could lead to the detection or whereabouts of the principal members of the Hive ransomware gang.

Following that, the State Department has announced a $5 million reward for providing any information that leads to the arrest or conviction of the suspected cybercriminals.

Document
Protect Your Network From Data Breach

Perimeter’s 81 Malware Protection for Network Based Threats

Prevent malware from infecting your network at the delivery stage by intercepting malicious files in transit from their source to the target device’s web browser..

Over a year ago, the FBI collaborated with international law enforcement to conduct a seven-month covert surveillance operation that resulted in the seizure of the gang’s servers and websites. 

“Beginning in late July 2022, the FBI penetrated Hive’s computer networks, obtained its decryption keys and offered them to victims worldwide, preventing victims from having to pay up to $130 million in ransoms demanded,” the State Department said. 

Since the start of 2021, Hive and its affiliated groups have targeted attacks against over 1,500 organizations across 80 countries. 

Hive Ransomware Attacks

These attacks have resulted in the theft of over $100 million in funds. The victims of these attacks include school districts, financial institutions, and critical infrastructure providers.

For a few months, the FBI was able to infiltrate Hive’s computer systems. As a result, they prevented victims from making ransom payments amounting to $130 million.

Despite the persistent efforts of the U.S. government to combat the menace of ransomware, cybercriminals have succeeded in extorting an unprecedented amount of $1.1 billion as ransom payments from their victims.

The Hive operation attacks have been a recent concern for the Federal Bureau of Investigation (FBI). In response, the FBI released a flash alert in April 2021 that contained technical details and indicators of compromise associated with the gang’s operations.

The Hive ransomware group has been operating since June 2021 and offers a Ransomware-as-a-Service (RaaS) called “Hive.” The group uses a double-extortion tactic, where it steals sensitive data from its victims and then threatens to publish it on its leak site, HiveLeaks, in addition to demanding a ransom payment.

Chainalysis, a blockchain analytics firm, has released a report revealing that Hive, a ransomware strain, ranks among the top 10 most lucrative ransomware operations in revenue generated in 2021.

“Today’s announcement complements the Department of Justice announcement that, with Europol, the German and Dutch authorities, and the United States Secret Service, it had seized control of Hive’s servers and websites, thereby disrupting Hive’s ability to attack further and extort victims.”

“We will continue to work with allies and partners to disrupt and deter ransomware actors that threaten the backbone of our economies and critical infrastructure.”

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Website

Latest articles

ThreatHunter.ai Stops Hundreds of Attacks in 48 Hours: Fighting Ransomware and Nation-State Cyber Threats

The current large surge in cyber threats has left many organizations grappling for security...

WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking

A critical security flaw has been identified in the Ultimate Member plugin for WordPress,...

Hackers Actively Hijacking ConnectWise ScreenConnect server

ConnectWise, a prominent software company, issued an urgent security bulletin on February 19, 2024,...

Heavily Obfuscated PIKABOT Evades EDR Protection

PIKABOT is a polymorphic malware that constantly modifies its code, making it hard to...

Anonymous Sudan Promoting New DDoS Botnet: Beware

It has come to light that a group known as Anonymous Sudan is actively...

Scattered Spider: Advanced Techniques for Launching High-Profile Attacks

Scattered Spider is a threat group responsible for attacking several organizations since May 2022...

8220 Hacker Group Attacking Linux & Windows Users to Mine Crypto

In a significant escalation of cyber threats, the 8220 Gang, a notorious Chinese-based hacker group, has intensified its attacks...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles