Heimdal Security Blog

FBI Closes Down Hive Ransomware Gang: What Does This Mean for the Security Landscape?

Federal authorities have taken down a website run by a notorious ransomware gang known to extort millions of dollars from victims as part of a global cybercrime operation.

The FBI seized a cache of computer servers supporting the Hive group in Los Angeles late Wednesday, according to Attorney General Merrick Garland. At the same time, foreign law enforcement partners took control of a similar network in Europe to shut down the operation, which targeted 1,500 victims in 80 countries.

According to federal authorities, Hive has collected more than $100 million in ransom payments since June 2021.

Amid the COVID-19 pandemic, Garland said, a hospital in the Midwest had its systems locked, preventing it from accepting patients.

According to FBI Director Christopher Wray, the actions against Hive were unprecedented in scope and result. Agents secretly infiltrated Hive networks for seven months, identifying the group’s targets and providing decryption keys to 1,300 victims, which prevented $130 million in ransom payments.

FBI Director Christopher Wray speaks at a press conference to announce action against the Hive cyber gang.

We saved victims over a hundred million dollars in ransom payments and likely more in remediation costs in this case.


According to Wray, the seizure of the decryption keys was like “cutting off the gas” to the global network. While no arrests were reported Thursday, Wray said the investigation continued in the U.S. and abroad.

U.S. government agencies and Europol coordinated the investigation, working alongside German and Dutch high-tech intelligence units.

On Thursday, January 26th, visitors to the Hive ransomware gang’s website encountered a notice of seizure.

“The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware,” reads the former Hive landing page in both English and Russian.

In a 21st-century cyber stakeout, our investigative team turned the tables on Hive, swiping their decryption keys, passing them to victims, and ultimately averting more than 130 million dollars in ransomware payments. We hacked the hackers.

