Sanction
severity: High
2023-01-26
DOJ/FBI/Europol disrupt Hive ransomware; seize site + decryptors
published by U.S. Department of Justice
Actor
Russian-speaking ransomware-as-a-service operation active from mid-2021 through January 2023. Best known publicly for the May 2022 compromise of the Costa Rican government — which prompted Costa Rica…
Summary
U.S. Attorney General Merrick Garland announced that DOJ, FBI, Europol, and German and Dutch police had run a seven-month covert infiltration of Hive's infrastructure, capturing decryption keys and quietly providing them to victims — preventing an estimated $130M in ransom payments. The operation culminated in the seizure of Hive's leak site and command infrastructure, effectively dismantling a brand that had extorted $100M+ from ~1,500 victims across 80 countries since mid-2021.
Tags
takedown, ransomware, fbi, europol