The cybercriminal organization targeted infrastructure and people of interest, encrypting their data and demanding cryptocurrency in exchange for decryption.
In a recent press release, the FBI announced the takedown of Hive, a ransomware network with members from multiple states in Europe and North America.
According to the US agency, they have been working on the case since at least 2021.
Despite the FBI’s efforts, the network was difficult to penetrate. However, law enforcement was able to breach the cybercrime group’s control center in July 2022, gaining access to the decryption keys that were to be given to victims who paid the requested ransom.
The encryption of the computers of the Costa Rican healthcare service during the spring of 2022 would be a high-profile example of this attack, with Hive requesting $5 million in Bitcoin in exchange for decryption.
As a result, the FBI has quietly approached victims of the attacks in recent months, offering them the keys and denying up to $130 million in ransomware payments, effectively cutting the group off from funding. The hackers are thought to have received around $100 million in ransom payments from over 1,500 victims, implying that the FBI effectively denied them more than half of all potential payouts.
The FBI contacted both victims who had contacted law enforcement and those who had not. Unfortunately, only 20% of Hive’s victims sought assistance, prompting FBI Director Christopher Wray to remind the public that, in many cases, victims of cybercrime can only be helped if they reach out.
“The coordinated disruption of Hive’s computer networks, following months of decrypting victims around the world, shows what we can accomplish by combining a relentless search for useful technical information to share with victims with investigation aimed at developing operations that hit our adversaries hard.
“To combat cybercriminals who target American businesses and organizations, the FBI will continue to use its intelligence and law enforcement tools, global presence, and partnerships.”
Since then, the FBI and its partners in Europe and North America have infiltrated the network further, culminating in the seizure of the cybercrime group’s assets on January 26th.
In total, 16 agencies from 12 countries worked together to disrupt the criminal network and assist victims in recovering their funds.
Although the network has been taken down, Hive was not the only ransomware group out there, which should serve as a reminder to us all to always be in control of our own cybersecurity.
