
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort


Jan 26, 2023 | Ravie Lakshmanan | Encryption / Ransomware

The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries.

“Law enforcement identified the decryption keys and shared them with most of the victims, helping them regain access to their data without paying the cybercriminals,” Europol said in a press release.

The U.S. Department of Justice (DoJ) said the Federal Bureau of Investigation (FBI) penetrated the Hive networks in July 2022 and captured over 300 decryption keys that were then handed over to companies compromised by the gang, effectively saving $130 million in ransom payments.

The FBI also distributed more than 1,000 additional decryption keys to previous Hive victims, the DoJ added.

Hive, which sprang up in June 2021, has been a prolific cybercrime crew, launching attacks against 1,500 organizations in at least 80 countries and netting it $100 million in illicit earnings.

Targeted entities spanned a wide range of verticals, including government facilities, communications, critical manufacturing, information technology, and healthcare.

According to statistics collected by Malwarebytes, Hive claimed 11 victims in November 2022, putting it in sixth spot behind Royal (45), LockBit (34), ALPHV (19), BianLian (16), and LV (16).

“Some Hive actors gained access to victim’s networks by using single factor logins via Remote Desktop Protocol, virtual private networks, and other remote network connection protocols,” Europol explained.

“In other cases, Hive actors bypassed multifactor authentication and gained access by exploiting vulnerabilities. This enabled malicious cybercriminals to log in without a prompt for the user’s second authentication factor by changing the case of the username.”
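The following is an added example, not taken from the article or from any vendor's code. It models one way a username-case mismatch can skip the second factor (the mechanism is an assumption; the article does not describe it), next to a hardened login path and a log check defenders can run. All names, stores and events are hypothetical and constructed.

```python
import hmac
import unicodedata

# Constructed sample data; every name below is hypothetical.
DIRECTORY = {"jsmith": "correct-horse"}  # primary store, keyed by lowercase name
MFA_ENROLLED = {"jsmith"}                # accounts that must present a second factor


def canonical(username: str) -> str:
    """One canonical form, used for every lookup and for logging."""
    return unicodedata.normalize("NFKC", username).strip().casefold()


def password_ok(username: str, password: str) -> bool:
    """Primary check is case-insensitive on the name, as many directories are."""
    stored = DIRECTORY.get(canonical(username))
    return stored is not None and hmac.compare_digest(stored.encode(), password.encode())


def login_flawed(username: str, password: str, otp_ok: bool = False) -> str:
    if not password_ok(username, password):
        return "denied"
    if username in MFA_ENROLLED:  # BUG: exact-case match against the typed name
        return "granted" if otp_ok else "denied"
    return "granted"  # fails open: no enrollment found, so no prompt


def login_hardened(username: str, password: str, otp_ok: bool = False) -> str:
    user = canonical(username)  # same key for password and MFA lookups
    if not password_ok(user, password):
        return "denied"
    if user not in MFA_ENROLLED:
        return "denied"  # fail closed: assumed policy is MFA for every remote login
    return "granted" if otp_ok else "denied"


def flag_case_variants(events: list[dict]) -> list[dict]:
    """Detection: granted logins with no MFA step and a non-canonical name."""
    return [e for e in events
            if e["result"] == "granted" and not e["mfa"]
            and e["user"] != canonical(e["user"])]


# Constructed auth events for the detection check.
EVENTS = [
    {"user": "jsmith", "result": "granted", "mfa": True},
    {"user": "JSmith", "result": "granted", "mfa": False},
    {"user": "JSMITH", "result": "denied", "mfa": False},
]
```

The detection function assumes canonical account names are lowercase; adjust `canonical` if the directory uses another form.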

The international operation consisted of authorities from Canada, France, Germany, Ireland, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the U.K., and the U.S.
