‘We hacked the hackers’: Hive ransomware seized in global sting
- The FBI and its international partners disrupted the network of prolific Hive ransomware gang
- The ransomware operation had extorted more than US$100 million from 1,500 victims worldwide
Hive ransomware was seized after a joint US-German law enforcement crackdown that thwarted US$130 million in demands for payment from more than 1,500 victims around the world, according to law enforcement authorities.
The FBI penetrated the group’s website starting in July, captured its decryption keys and offered them to victims in 80 countries, which included hospitals, schools, financial firms and critical infrastructure, according to the US Justice Department.
The US then coordinated with law enforcement in Germany and the Netherlands.
“The Justice Department will spare no resource to identify and bring to justice anyone anywhere who targets the United States with a ransomware attack,” Attorney General Merrick Garland said at a press conference in Washington on Thursday. “Together with our international partners we will continue to disrupt the criminal networks that deploy these attacks.
The seizure won’t seriously reduce overall ransomware activity but is “a blow to a dangerous group” and could send a signal to hackers, John Hultquist, vice-president for intelligence analysis at Mandiant Inc, said in a statement.
“Unfortunately, the criminal marketplace at the heart of the ransomware problem ensures a Hive competitor will be standing by to offer a similar service in their absence, but they may think twice before allowing their ransomware to be used to target hospitals,” Hultquist said.