The Federal Bureau of Investigation (FBI) stated that as of November 2022, the infamous Hive ransomware gang has successfully extorted $100 million in ransom payments, from over 1,300 companies worldwide.

This was reported in a joint advisory published yesterday with the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS).

As of November 2022, Hive ransomware actors have victimized over 1,300 companies worldwide, receiving approximately US$100 million in ransom payments, according to FBI information.(…) Hive actors have been known to reinfect—with either Hive ransomware or another ransomware variant—the networks of victim organizations who have restored their network without making a ransom payment.


Organizations from a wide range of industries and key infrastructure sectors, such as government facilities, communications, and IT, are among the victims, with a focus on Healthcare and Public Health (HPH) companies.

FBI Shares Indicators of Compromise (IoCs) and TTPs

The joint advisory’s main purpose was to share Hive’s Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) uncovered by the FBI while investigating Hive ransomware campaigns – in order to help defenders find malicious activity linked to Hive affiliates and mitigate its impact.



FBI’s Advice to Help Mitigate Ransomware Attacks

While the three government agencies supporting the alert do not recommend paying the ransoms, victims are asked to report Hive assaults to their local FBI field office or to CISA at regardless of whether they pay the ransom. This will assist law enforcement track ransomware activity, prevent attacks and hold attackers accountable, explains Bleeping Computer.

The FBI also recommends the following actions to help mitigate ransomware attacks:

The infamous Hive is a Ransomware-as-a-Service (RaaS) operation that has been around since at least June 2021, with several of its members having worked for both Hive and the Conti cybercrime gang. The FBI has previously released evidence of compromise and technical facts related to Hive ransomware attacks in August 2021.

The full official joint advisory alert published by the FBI is available here.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Hive Ransomware Claims Cyberattack on Tata Power’s IT Infrastructure [Updated]

HIVE Ransomware Claims Responsibility for NYRA Attack

How to Mitigate Ransomware?

How to Prevent Ransomware Attacks

Hive Ransomware Gang Impacts Rompetrol Gas Station Network

Ransomware Explained. What It Is and How It Works

Ransomware-as-a-Service (RaaS) – The Rising Threat to Cybersecurity

Leave a Reply

Your email address will not be published. Required fields are marked *