US Justice Department has taken custody of the website of the notorious Hvie
According to United States Federal Bureau of Investigation Director Christopher Wray on Jan. 26, the infamous Hive cryptocurrency ransomware gang has been dismantled by International Law enforcement.
The Director claimed the notorious gang has in its custody 1,300 decryption keys for victims since July 2022 which his agency had uncovered. The dismantling of the gang is claimed to have presented $130 million in ransomware payments.
In the report, officials cited an incident, where a Hive ransomware attack on a Louisiana hospital was thwarted by law enforcement, saving the victim from a $3 million ransom payment.
Ghost servers were reportedly seized on the night of Wednesday, January 25 by an international joint effort that included the U.S. authorities, the German Reutlingen Police Headquarters, the German Federal Criminal Police, the Netherlands National High Tech Crime Unit, and Europol to track ransom payments, return them back to victims, and dismantle the network’s infrastructure.
According to the report, the ransomware gang had been infiltrated by undercover agents since July 2022. Wray said that concerning this, the joint law enforcement effort gained ”clandestine” and “persistent” access to Hive’s control panels since that time and had been secretly helping victims recover their assets and locked devices unbeknownst to Hive.
The report also claimed that Hive was behind a series of notorious ransomware incidents, such as the April-May 2022 Costa Rica public health service and social security fund cyberattack. The group locked key digital infrastructure and demanded $5 million in Bitcoin ransom payments for the restoration of services. Over 4,800 individuals reportedly missed their medical appointments in the first few days following the attack.
“Unfortunately, during these past seven months, we found that only about 20% of Hive’s victims reported potential issues to law enforcement.” Wray remarked, saying, “Here, fortunately, we were still able to identify and help many victims who didn’t report in. But that is not always the case. When victims report attacks to us, we can help them — and others, too.”