The notorious ransomware gang Hive has been hit by an international police action: on Thursday, the criminal organization’s leak page on the Darknet showed a banner with information about the seizure.
Fittingly, the message is also displayed in Russian, as the alleged perpetrators are likely to be from Russia, according to security experts.
The European police authority Europol writes in a statement that it has supported the German, Dutch and US authorities in “disabling the infrastructure of the prolific HIVE ransomware”.
How did “Hive” work?
As of June 2021, more than 1,500 companies from more than 80 countries worldwide have fallen victim to the gang and have paid almost 100 million euros in ransom lost. Those attacked include critical infrastructure operators, including government agencies, telecommunications companies and healthcare facilities.
Cybersecurity experts assume that Hive has also been involved from Russia in the past year Ransomware gang Conti had allied.
In a major attack, Hive members targeted a hospital, severely impacting how the healthcare organization handled the COVID-19 pandemic.
The folks behind Hive chose the “ransomware as a service” business model. This means that they developed attack tools and made the IT infrastructure for the ransomware attacks available to criminal third parties – so-called partners. They then collected 20 percent of the ransom money.
The Hive ransomware was also used to compromise and encrypt data and computer systems of major IT and oil multinationals in the EU and the US.
Law enforcement agencies have given some compromised companies the decryption key to help them decrypt their data without paying the ransom, according to the Europol release. These efforts prevented the perpetrators from paying more than $130 million, or the equivalent of approximately €120 million, in ransom.
Who was involved in the action?
According to Europol, it was a coordinated action by the following national police authorities:
- Germany: Federal Criminal Investigation and Police Station Reutlingen – CID Esslingen (Politie BW)
- France – National Police (Police Nationale)
- Great Britain – National Crime Service
- Ireland: National Police (An Garda Síochána)
- Canada – Royal Canadian Mounted Police (RCMP) & Peel Regional Police
- Lithuania – Criminal Police (Kriminalinės Policijos Biuras)
- The Netherlands – National Police (Police)
- Norway: National Police (Police)
- Portugal: Criminal Police (Polícia Judiciária)
- Romania: Romanian Police (Poliția Română – DCCO)
- Sweden: Swedish Police (Polisen)
- Spain: Spanish Police (Policía Nacional)
- United States – Secret Service, Federal Bureau of Investigations.
Switzerland is not on Europol’s list.
Sources
- europol.europa.eu: Cybercriminals stop when HIVE infrastructure shuts down
Source: Watson
I’m Ella Sammie, author specializing in the Technology sector. I have been writing for 24 Instatnt News since 2020, and am passionate about staying up to date with the latest developments in this ever-changing industry.
