Hive Ransomware Gang

Malware updated 4 months ago (2024-05-04T18:10:54.117Z)
The Hive ransomware gang, a malicious group known for exploiting and damaging computer systems through harmful software, was significantly disrupted by the Federal Bureau of Investigation (FBI) in a series of operations. Six months ago, according to the US Department of Justice (DOJ), the FBI infiltrated the Hive ransomware gang and began "stealing back" decryption keys for victims whose files had been scrambled. The operation saved potential victims from an estimated $130 million in ransom demands, marking a significant win against cybercrime.

In January, the FBI reported seizing the servers of the Hive ransomware gang, effectively decimating their IT infrastructure. This operation followed a similar disruption of the REvil ransomware gang. This takedown was described as the FBI's biggest success against cybercriminals since they "hacked the hackers." However, a senior FBI official cautioned that other malware may have remained on machines liberated from Qakbot, a different malicious software, indicating that the fight against cybercrime is ongoing.

Hive's operations showed striking similarities to those of Hunters International, another entity associated with ransomware activities. Cybersecurity researchers, including Zscaler ThreatLabz, noted nearly 60% similarity in their ransomware encryption codes and almost identical backend code in their victim ransom portals. This suggests that despite the successes against individual groups like Hive, the landscape of ransomware threats remains complex and interconnected.
Description last updated: 2023-10-26T23:21:00.768Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Ransom
Associated Malware
ID: Hive
Type: Unspecified
Votes: 4
Profile Description: Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated
Source Document References
Information about the Hive Ransomware Gang Malware was read from the documents corpus below.
Source Link (CreatedAt): Title
CERT-EU (10 months ago): US plastic surgeon clinic data exposed by Hunters International
CERT-EU (a year ago): FBI and European Partners Seize Major Malware Network
CERT-EU (a year ago): FBI and European partners seize major malware network in blow to global cybercrime
CERT-EU (a year ago): FBI, European partners seize major malware network in blow to global cybercrime
CERT-EU (a year ago): Ransomware Task Force report two years later: Mixed signs of success | IT World Canada News
Naked Security (2 years ago): S3 Ep120: When dud crypto simply won’t let go [Audio + Text]
Naked Security (2 years ago): Hive ransomware servers shut down at last, says FBI
CERT-EU (a year ago): Microsoft patches Windows zero-day bug used in ransomware attacks | #ransomware | #cybercrime – National Cyber Security Consulting
CERT-EU (a year ago): NetWire Malware Site and Server Seized, Admin Arrested
InfoSecurity-magazine (a year ago): #RSAC: US DoJ Prioritizes Victim Support in Cybercrime Crackdown
CERT-EU (2 years ago): FBI detects, contains cyber attack on New York office: News reports | IT World Canada News
InfoSecurity-magazine (a year ago): Ransomware Attacks Skyrocket in Q2 2023
CERT-EU (a year ago): Cybersecurity threatscape: Q1 2023
CERT-EU (2 years ago): Romance scammers could cause unhappy Valentine’s Day | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
DARKReading (2 years ago): Hive Ransomware Gang Loses Its Honeycomb, Thanks to DoJ