The US Department of Justice released a statement on Thursday confirming the secret infiltration of the Hive by the FBI (Federal Bureau of Investigation). ransomware group. Hive has targeted more than 1500 victims in over 80 countries, collecting over $100 million in cryptocurrency ransoms. The attempt to take control of Hive’s servers and websites was coordinated with German and Dutch law enforcement.
According to the official pronunciation, the FBI has been invading Hive’s computer network since July 2022. The FBI’s efforts prevented victims from paying a $130 million cryptocurrency ransom. Since infiltrating the Hive network, the FBI has provided more than 300 decryption keys to active Hive victims. In addition, the agency has provided decryption keys to more than 1,000 previously attacked victims.
Attorney General Merrick B. Garland stated:
“Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world.”
In addition, Garland added that the Justice Department will continue its work against such groups and will “spare no resources to protect anyone, anywhere, who goals the United States with a ransomware attack.”
In addition, Hive’s website was taken down and visitors were greeted with the message, “The Federal Bureau of Investigation has seized this site as part of coordinated law enforcement action against Hive Ransomware.”
Unlike other high-profile ransomware cases, the US Department of Justice recently disclosed that Hive’s removal is unique.
How Does the Cryptocurrency Ransomware Group Work?
Hive usually targets a victim by stealing sensitive data (emails, documents, images and videos), then encrypting their computer files, the agency said. The organization then demands a ransom in the form of cryptocurrency for the decryption key. The key is required to restore the files.
The group demands more money for a pledge not to post stolen information. If the victim did not pay, Hive would release the information on the dark web. According to a new estimate from Chainalysis, ransomware attacks generated $457 million in revenue in 2022, compared to $766 million in 2021, a decrease of 40%.