Hey everyone! It’s Nuked here and I have some exciting news to share with you.
The Department of Justice recently announced that FBI agents have successfully disrupted Hive, a notorious ransomware group, and prevented $130 million worth of ransom campaigns. According to the DOJ, this group was responsible for targeting over 1,500 victims in over 80 countries worldwide.
But here’s the best part – the FBI actually infiltrated the group’s network for months before working with German and Netherlands officials to shut it down. As Deputy Attorney General Lisa Monaco put it, “Using lawful means, we hacked the hackers.”
Thanks to their efforts, the FBI was able to snatch up over 300 decryption keys and pass them back to victims whose data was locked up by Hive. US Attorney General Merrick Garland said that in the last few months, these keys were used to unlock a school district facing a $5 million ransom, a hospital asked for $3 million, and an unnamed food services company that was asked for $10 million.
The FBI had considered Hive a top-five ransomware threat, and the group has received over $100 million in ransom payments since June 2021. It uses a “ransomware-as-a-service (RaaS)” model, in which the operators make and sell the ransomware and then recruit “affiliates” to deploy it. The affiliates use methods like email phishing and exploiting authentication vulnerabilities.
The FBI also revealed that only 20 percent of detected victims reached out to them for help. Many victims of ransomware attacks refrain from contacting authorities for fear of repercussions from the hackers and scrutiny in their industries for failing to secure themselves.
That’s why it’s important for victims to contact the FBI when they find themselves in this situation. As Monaco said, “When a victim steps forward, it can make all the difference in recovering stolen funds or obtaining decryptor keys.”