Law Enforcement Intervenes in Hive Ransomware Operations
Category: Ransomware News | Industry: Global | Level: Strategic | Source: Justice.Gov
An international law enforcement operation led by the US Department of Justice and Europol enabled the seizure of Tor payment and data leak sites operated by the Hive ransomware gang. International law enforcement agencies gained access to the ransomware gang's infrastructure in July 2022, and monitored the group's activity for five months. Through their operation, law enforcement was able to intervene, warn and reverse damages with decryption keys from attacks launched by Hive and prevent ransom payments for at least $130 million. As stated by the Department of Justice "Since infiltrating Hive’s network in July 2022, the FBI has provided over 300 decryption keys to Hive victims who were under attack. In addition, the FBI distributed over 1,000 additional decryption keys to previous Hive victims."
Since the seizure on January 25, 2023, a warning message is displayed on Hive ransomware's Tor website written in English and Russian through a rotating GIF. The following message is displayed on the site, "This hidden site has been seized. The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware."