The FBI in their report stated that they have helped victims by offering them decryption keys and thwarted ransom demands of $130 million in crypto.
On Thursday, January 26, the US Justice Department disclosed the results of its months-long joint operation with the Federal Bureau of Investigation (FBI) that entirely disrupted the activities of the Hive ransomware group.
Hive Ransomware Group
The investigation noted that the Hive ransomware group had targeted more than 1500 victims across 80 countries including hospitals, financial firms, school districts, and critical infrastructure.
Over the last eight months, the FBI has been infiltrating Hive’s computer networks, capturing the descriptions keys, and offering them to victims worldwide. Besides, they also help in preventing victims from paying a sum of $130 million in ransom demand.
The report notes that since July 2022, the FBI has provided a total of 300 decryption keys to previous Hive victims. Furthermore, the FBI has been coordinating with German law enforcement and the Netherlands National High Tech Crime Unit, thereby distorting Hive’s ability to attack and extort victims. Speaking on the development, US Attorney General Merrick B. Garland said:
“Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world. We will continue to work both to prevent these attacks and to provide support to victims who have been targeted. And together with our international partners, we will continue to disrupt the criminal networks that deploy these attacks.”
The Rise of Crypto Ransomware
Amid the strong growth of the crypto market, the total number of ransomware attacks in the crypto space has also been on the rise. Ransomware basically involves malicious software that can lock a computer while demanding ransom in order to restore access.
Much recently, attackers have been demanding ransom largely in crypto. Any devices connected to the internet could be potentially a victim of ransom. However, phishing attacks are usually the prime attack vector.
As per the FBI, Hive targets victims by stealing their sensitive data such as documents, emails, pictures, and videos. Later, they encrypt these files and demand ransom in Bitcoin from the victims in return for the decryption key required to restore the files. Besides, Hive would also extort additional in the promise of not publishing the stolen data on the dark web. If the victim doesn’t pay, Hive publishes the data on the dark web.
“Cybercrime is a constantly evolving threat,” Garland said. “But as I have said before, the Justice Department will spare no resource to identify and bring to justice, anyone, anywhere, who targets the United States with a ransomware attack.”
next