The US Justice Department announced the results of a long-running campaign on Thursday, with the Federal Bureau of Investigation (FBI) actively intervening in the activities of the Hive Ransomware Group. The group is said to have targeted universities, hospitals, and banks in more than 80 countries.
“The Department of Justice last night dismantled an international ransomware ring responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and across the world,” said US Attorney General Merrick B. Garland in a press statement.
According to the statement, since June 2021, the Justice Department has identified more than 1,500 victims around the world, raking in more than $100 million in cryptocurrency ransom. The FBI’s operation to infiltrate the Hive network was launched in July 2022. The agency was able to provide over 1,300 encryption keys to help victims recover their data and applications.
The operation was carried out in cooperation with law enforcement agencies in Germany and the Netherlands, with servers and websites used by the group being taken over.
Ransomware is a type of malicious software that can lock down a computer and demand a ransom in order to restore it. Any system that is connected to the internet can be a victim of ransomware, usually through phishing attacks.
According to the agency, the group would target victims with sensitive data, such as emails, photos, and videos, before encrypting their computer files and demanding a bitcoin ransom for the decryption keys and additional payments to ensure that the stolen data would not be leaked to the dark web. If the victim did not pay, Hive would publish the stolen data.
Blockchain analytics firm Chainalysis recently reported that ransomware payments have seen a 40% drop in revenue, from $766 million in 2021 to $457 million in 2022. The firm attributed the decline in ransomware payments to increasing resistance from victims to pay and greater awareness of cybersecurity.
The takedown of Hive is a victory for cryptocurrency, law enforcement, and national security.
“Cybercrime is an ever-evolving threat,” said Garland. “But, as I said before, the Department of Justice will use all its resources to identify and bring to justice anyone, anywhere, who attacks the United States with a ransomware attack.”
