Jan 31, 2023

U.S. Department of Justice Shuts Down a Hive Ransomware Variant


On January 26, 2023, the U.S. Department of Justice announced the results of its months-long disruption campaign against the Hive ransomware group. The Hive ransomware organization has targeted more than 1,500 victims in more than 80 countries worldwide, including hospitals, school districts, financial institutions, and key infrastructure. Hackers were able to extort over $130 million from 1,500 businesses. That's roughly 66k per business. In essence, the FBI used the hackers' own methods to stop them: ironically, it did so by hacking into the con artists' systems. The announcement concluded with enthusiasm, proclaiming, “We hacked the hackers!”

What Happened?

Since June 2021, the Hive network has deployed malicious software in ransomware attacks that hold digital devices captive until a ransom is paid.

According to Decrypt.com, Hive primarily targeted victims by stealing private information (emails, documents, photographs, and videos) and then encrypting the victim's computer files. The group would then demand a Bitcoin ransom for the decryption needed to restore the files, as well as additional funds in exchange for a promise not to put the stolen data on the dark web. If the victim did not pay, Hive would disseminate the stolen information.

Justice Served: The FBI's Successful Hacking of Cybercriminals' System

In late July 2020, the FBI breached Hive's computer networks, obtained its decryption keys, and made them available to victims worldwide, saving businesses from having to pay the $130 million in cryptocurrency ransom payments.

In the announcement, the FBI states that, in coordination with other global law enforcement, the department had taken control of the servers and websites that Hive uses to communicate with its members, preventing Hive from attacking and extorting victims.

Attorney General Merrick B. Garland stated,

"Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world. Cybercrime is a constantly evolving threat. But as I have said before, the Justice Department will spare no resources to identify and bring to justice, anyone, anywhere, who targets the United States with a ransomware attack…and together with our international partners, we will continue to disrupt the criminal networks that deploy these attacks."

Thanks to the FBI's hard work and quick investigation, further extortion by Hive has been stopped. The announcement ended with the statement, "We’ve made it clear that we will strike back against cybercrime using any means possible -- today’s action reflects that strategy...Simply put, using lawful means, we hacked the hackers" (justice.gov).

What will stop Hive from regrouping and doing it again?

There are many other hacking groups, so capturing and prosecuting the members of one does not make the threat go away. Some attackers are more capable than others, and they will keep trying different ways to steal data. Make sure you keep up with hacking attempts and that your company has the necessary safety procedures in place.

Our job is to help companies create more unified business functions, improve customer service, and utilize technology to move forward. Chicago-experienced IT consulting experts will make your technology work for you and keep you from spending endless, frustrating hours managing your business IT. Managed IT is when the Infiniwiz team proactively takes care of all the IT headaches and hassles for you, so you can get things done on your “to-do” list, like growing the business! If you have any questions, feel free to contact us!
