A global ransomware group has been shut down by American, German and Dutch authorities.
The U.S. Justice Department said in a Thursday (Jan. 26) press release that organizations from the three countries seized control of Hive’s servers and websites Wednesday (Jan. 25).
“Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world,” Attorney General Merrick B. Garland said in the release.
The agency also said in the press release that the FBI had covertly infiltrated the Hive network in July 2022 and, since then, had been capturing the ransomware group’s decryption keys and offering them to victims — thereby saving them from ransom demands totaling $130 million.
In that time, the FBI provided 300 keys to victims who were under attack and another 1,000 keys to victims of earlier Hive attacks, the release said.
Ransomware — a type of malware that infects computer networks and is used to threaten to publish the victim’s data or permanently block access to it unless a ransom is paid — has been a growing crime.
For example, the number of ransomware attacks reported by financial institutions and occurring in 2021 was double the number that occurred during the previous year, according to the Financial Crimes Enforcement Network (FinCEN).
More recently, a string of major hacks in Europe has put ransomware in the spotlight.
During the time Hive was active, since June 2021, it targeted 1,500 victims in 80 countries and received $100 million in ransom payments, according to the press release.
Hive actors would both encrypt victims’ systems and steal their most sensitive data so that they could then seek a ransom in exchange for both a decryption key and a promise not to publish the data.
“The Department of Justice’s disruption of the Hive ransomware group should speak as clearly to victims of cybercrime as it does to perpetrators,” Deputy Attorney General Lisa O. Monaco said in the release. “In a 21st century cyber stakeout, our investigative team turned the tables on Hive, swiping their decryption keys, passing them to victims, and ultimately averting more than $130 million in ransomware payments.”