The recent seizure of the Hive ransomware operation’s Tor payment and data leak site, as part of an international law enforcement operation, has shown how agencies around the globe can work together to infiltrate the infrastructure of cybercriminal gangs. Read on for the details.
What is Hive?
Hive is a ransomware-as-a-service (RaaS) operation that allows criminals to deploy ransomware without developing their own malicious code. The operation was launched in June 2021 and reached its targets through phishing campaigns, exploitation of vulnerabilities in internet-exposed devices, and purchased credentials.
Law Enforcement Response
The FBI coordinated the law enforcement operation, which involved multiple police agencies in the US and Europe and resulted in the seizure of the Tor payment and data leak site used by the Hive ransomware operators.
“Since late July 2022, the FBI has penetrated Hive’s computer networks, captured its decryption keys, and offered them to victims worldwide, preventing victims from having to pay $130 million in ransom demanded,” the Justice Department stated.
The Dutch police also got hold of two backup servers hosted in the Netherlands, later stating that these were used as the operation’s main data leak site, negotiation site, and web panels.
The seizure of the Hive sites is a major victory for law enforcement, as it has disrupted one of the most prolific ransomware operations. The Tor site now displays a notice that lists the other countries involved: Germany, Canada, France, Lithuania, Netherlands, Norway, Portugal, Romania, Spain, Sweden, and the United Kingdom.
“This hidden site has been seized. The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware. This action has been coordinated with the United States Attorney’s Office for the Middle District of Florida and the Computer Crime and Intellectual Property Section of the Department of Justice with substantial assistance from Europol,” reads the notice.
The seizure of the Hive ransomware operation’s Tor payment and data leak site is a major victory for law enforcement, reminding everyone that the police are actively targeting ransomware operations and that cybercriminals should be alert.