FBI Reveals: Hive Ransomware Extorted $100M from 1,300 Companies
The Government Agency Also Published IOCs and TTPs to Help Cybersecurity Specialists Mitigate the Attacks.
Last updated on December 7, 2022
The Federal Bureau of Investigation (FBI) stated that as of November 2022, the infamous Hive ransomware gang has successfully extorted $100 million in ransom payments from over 1,300 companies worldwide.
This was reported in a joint advisory published yesterday with the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS).
As of November 2022, Hive ransomware actors have victimized over 1,300 companies worldwide, receiving approximately US$100 million in ransom payments, according to FBI information. (…) Hive actors have been known to reinfect—with either Hive ransomware or another ransomware variant—the networks of victim organizations who have restored their network without making a ransom payment.
Organizations from a wide range of industries and key infrastructure sectors, such as government facilities, communications, and IT, are among the victims, with a focus on Healthcare and Public Health (HPH) companies.
FBI Shares Indicators of Compromise (IOCs) and TTPs
The joint advisory’s main purpose was to share Hive’s Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) uncovered by the FBI while investigating Hive ransomware campaigns – in order to help defenders find malicious activity linked to Hive affiliates and mitigate its impact.
While the three government agencies supporting the alert do not recommend paying the ransoms, victims are asked to report Hive attacks to their local FBI field office or to CISA at firstname.lastname@example.org regardless of whether they pay the ransom. This will help law enforcement track ransomware activity, prevent attacks, and hold attackers accountable, explains Bleeping Computer.
The FBI also recommends the following actions to help mitigate ransomware attacks:
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.