International law enforcement agencies, according to U.S. Federal Bureau of Investigation Director Christopher Wray on Jan. 26, have dismantled the notorious Hive cryptocurrency ransomware gang. He asserted that since July 2022, the programme had helped victims recover over 1,300 decryption keys and avoided paying $130 million in ransomware ransoms. Officials cited one instance in which a Hive ransomware attack on a hospital in Louisiana was prevented by law enforcement, sparing the victim from having to pay a $3 million ransom.
An international law enforcement operation involving U.S. authorities, the German Reutlingen Police Headquarters, the German Federal Criminal Police, the Netherlands National High Tech Crime Unit, and Europol reportedly resulted in the seizure of ghost servers on Wednesday night. The goal of the operation was to track ransom payments, return them to victims, and destroy the network’s infrastructure.
Hive network dark web address has been taken down by law enforcement. Source: Twitter
Since July 2022, operatives operating undercover had penetrated the company. According to Wray, at that time, law enforcement had obtained “clandestine, persistent” access to Hive’s control panels and had been working covertly with victims to assist them retrieve their valuables and locked devices.
Hive was responsible for several well-known ransomware attacks, including the April–May 2022 cyberattack on the public health system and social security fund of Costa Rica. The organisation demanded $5 million in Bitcoin BTC and shut up important digital infrastructure. $23,046 ransom fees to get the services back. According to reports, over 4,800 people missed appointments for medical care in the days immediately following the incident. Despite the enforcement action’s effectiveness, Wray cautioned: