FBI Infiltrates Ransomware Group

Uploaded on 2023-02-02 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

The FBI secretly infiltrated the infamous Hive ransomware group over seven months to frustrate its attempts to extort ranson from over a thousand victims. The US Attorney General has now announced that it has managed to covertly infiltrate's Hive's networks, and disrupted ransom campaigns worth $130 million.

Officials said the targeted syndicate, known as Hive, operates one of the world’s top five ransomware networks and has targeted hospitals and other health care providers.

The FBI quietly gained access to its control panel in July and was able to obtain software keys to decrypt the network of some 1,300 victims globally, said FBI Director Christopher Wray. Officials credited German police and other international partners. “Cybercrime is a constantly evolving threat. But as I have said before, the Justice Department will spare no resource to identify and bring to justice, anyone, anywhere, who targets the United States with a ransomware attack.

“We will continue to work both to prevent these attacks and to provide support to victims who have been targeted. And together with our international partners, we will continue to disrupt the criminal networks that deploy these attacks,” said US Attorney General Merrick B. Garland.

It was not immediately clear how the takedown will affect Hive’s long-term operations, as officials did not announce any arrests but said they were building a map of Hive’s administrators, who manage the software, and affiliates, who infect targets and negotiate with victims, to pursue prosecutions. “Cybercrime is a constantly evolving threat, but as I have said before, the Justice Department will spare no resource to bring to justice anyone anywhere that targets the United States with a ransomware attack,” said Garland.

The infiltration was led by the FBI’s Tampa office, from where agents were able to disrupt a Hive attack against a Texas school district, stopping it from making a $5 million ransom payment.

It's unclear how the FBI broke into Hive’s networks. During a press conference, US Assistant Attorney General Lisa Monaco would only say: “Simply put, using lawful means we hacked the hackers.”

Hive is considered to be a Russia - base hacking group, a country that refuses to extradite criminal suspects to the US. The ransomware gang came on the scene in 2021 and has since targeted over 1,500 victims across the globe and received $100 million in ransomware payments, according the US Jstice Dept.

US Justice Dept:   The Verge:     Money Control:     Scientific American:    PCMag:     I-HLS:  

You Might Also Read

Russia's Criminal Hackers:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Latest Artificial Intelligence Technologies
Google Shuts Down Misinformation »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LogmeOnce

LogmeOnce

LogmeOnce provides users with solution to multiple Password problems, Single Sign-On (SSO), and Identity Management.

Code42

Code42

Code42 CrashPlan, is an enterprise SaaS solution that backs up all distributed end-user data on a single, secure platform.

Olfeo

Olfeo

Olfeo is a content filtering software vendor. Our proxy and filtering solution helps our customers to manage, monitor and secure their Internet traffic.

TunnelBear

TunnelBear

TunnelBear is a Virtual Private Network services provider offering secure encrypted access to the internet.

Deepnet Security

Deepnet Security

Deepnet Security is a leading security software developer and hardware provider in Multi-Factor Authentication (MFA), Single Sign-On (SSO) and Identity & Access Management (IAM).

Informer

Informer

Informer provides an Attack Surface Management SaaS platform alongside penetration testing services. We combine machine learning and human intelligence to reduce cyber risk.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

PacketViper

PacketViper

PacketViper’s Deception360 actively defends networks with deception-based threat detection and automated response to both external and internal cyber threats.

Mage Data

Mage Data

Mage (formerly Mentis Software) is a leading solutions provider for data security and data privacy software for global enterprises.

NorthRow

NorthRow

NorthRow provides digital transformation compliance solutions to help businesses manage regulatory and financial crime risks.

Q5id

Q5id

At Q5id, we prove that your customers' digital identity and real-world identity are the same, our verification and authentication solution delivers a Proven and Secure digital identity for everyone.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Moonlock

Moonlock

Cybersecurity tech for humans. At Moonlock, we make software that seamlessly protects you and has your back as you live your life.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

DigitalXForce

DigitalXForce

DigitalXForce is the Digital Trust Platform for the New Era – SaaS based solution that provides Automated, Continuous, Real Time Security & Privacy Risk Management.

Spektion

Spektion

Spektion are transforming how organizations meet the challenge of third-party software risk.