
FBI investigation into Hive hacking group breaks gang; State offers $10 million for more information

The operation was a ‘21st century cyber stakeout,’ the DOJ says.

The Department of Justice hacked the Hive, and now the State Department wants to take down the whole nest. The State Department is offering up to $10 million for information on who’s behind the Hive hacking group after the DOJ successfully disrupted the ransomware gang in a monthslong operation dating back to July 2022.

The DOJ announced on January 26 that it had successfully taken Hive down, working alongside the German Federal Criminal Police, Reutlingen Police Headquarters–CID Esslingen, and the Netherlands National High Tech Crime Unit to seize servers and domains the gang used to coordinate its activities.

“In a 21st century cyber stakeout, our investigative team turned the tables on Hive, swiping their decryption keys, passing them to victims, and ultimately averting more than $130 million…in ransomware payments,” Deputy Attorney General Lisa O. Monaco said in a statement on the operation.

FBI agents also captured decryption keys and shared them with victims, saving millions in ransom payments.

“For months, we helped victims defeat their attackers and deprived the Hive network of extortion profits,” Monaco said. “Simply put, using lawful means, we hacked the hackers. We turned the tables on Hive and we busted their business model.”

Ransomware attacks have exploded in recent years, with groups like Vice Society targeting educational institutions and ransomware gangs going after connected infrastructure.

Hive has received around $100 million in ransom payments since June 2021, making the gang one of the most notorious and successful hacking groups in the world during that time. The gang’s ransomware has been linked to attacks on the Costa Rican Social Security Fund, European car dealership Emil Frey, US healthcare groups Partnership HealthPlan and Memorial Healthcare System, and others.

The State Department’s $10 million award offer for information on Hive is fairly standard for the agency; it offered the same amount for information on Russian spies, North Korean hacking groups, and other ransomware operators.—EH
