German and US law enforcement agencies are targeting the Hive ransomware website in a joint investigation and are set to disclose their results later Thursday, a person familiar with the issue said.
(Bloomberg) — German and US law enforcement agencies are targeting the Hive ransomware website in a joint investigation and are set to disclose their results later Thursday, a person familiar with the issue said.
The Hive site has a notice saying the Federal Bureau of Investigation has seized the site “as part of a coordinated law enforcement action taken against Hive Ransomware.”
Hackers associated with the Hive ransomware gang have taken roughly $100 million from some 1,300 victims, the FBI said in a joint advisory with the Department of Homeland Security in November. The group used an array of techniques to target organizations in critical manufacturing, health care, information technology and government, US officials said at the time.
Along with breaching organizations and demanding an extortion fee, Hive would broadcast stolen information, including patient data and employee information from victims, the FBI alert said last year. The technique represented a kind of double-extortion tactic that intruders increasingly use to step up the pressure on their victims to pay a fee, usually in Bitcoin.
The Hive hacking group was first observed in June 2021, according to the US.
Hive victims have included the Bank of Zambia, which last year said it declined to pay a ransom, as well as US health care providers and Indonesia’s state-backed oil and gas company.
Microsoft Corp. has released a security alert about the group, saying Hive has emerged as one of the most prevalent examples of the “ransomware as a service” model. That description applies to cybercriminal groups that lease access to their tools to separate partners, taking a cut of the proceeds after a successful digital extortion.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.