U.S. says it 'hacked the hackers' to bring down ransomware gang, helping 300 victims - Reuters

WASHINGTON, Jan 26 (Reuters) - The FBI revealed on Thursday it had secretly hacked and disrupted a prolific ransomware gang called Hive, a maneuver that allowed the bureau to thwart the group from collecting more than $130 million in ransomware demands from more than 300 victims.

At a news conference, U.S. Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy U.S. Attorney General Lisa Monaco said government hackers broke into Hive's network and put the gang under surveillance, surreptitiously stealing the digital keys the group used to unlock victim organizations' data.

They were then able to alert victims in advance so they could take steps to protect their systems before Hive demanded the payments.

"Using lawful means, we hacked the hackers," Monaco told reporters. "We turned the tables on Hive."

News of the takedown first leaked on Thursday morning when Hive's website was replaced with a flashing message that said: "The Federal Bureau of Investigation seized this site as part of coordinated law enforcement action taken against Hive Ransomware."

Hive's servers were also seized by the German Federal Criminal Police and the Dutch National High Tech Crime Unit.

"Intensive cooperation across national borders and continents, characterized by mutual trust, is the key to fighting serious cybercrime effectively," said German police commissioner Udo Vogel in a statement from police and prosecutors in the state of Baden-Wuerttemberg, who assisted in the probe.

Reuters was not immediately able to find contact details for Hive. It is unclear where they were geographically based.

The takedown of Hive is distinct from some of the other high-profile ransomware cases the U.S. Justice Department has announced in recent years, such as a cyber attack in 2021 against the Colonial Pipeline Co.

In that case, the Justice Department seized some $2.3 million in cryptocurrency ransom after the company had already paid the hackers.

Here, there were no seizures because investigators intervened before Hive demanded the payments. The undercover infiltration, which started in July 2022, went undetected by the gang until now.

OVER $100 MLN IN RANSOM

Hive was one of the most prolific among a wide range of cybercriminal groups that extort global businesses by encrypting their data and demanding massive cryptocurrency payments in return.

The Justice Department said that over the years, Hive has targeted more than 1,500 victims in 80 different countries, and has collected more than $100 million in ransomware payments.

Although there were no arrests announced on Wednesday, one department official told reporters to "stay tuned."

Canadian researcher Brett Callow, of cybersecurity company Emsisoft, said that Hive was responsible for at least 11 incidents involving U.S. government organizations, schools, and healthcare providers last year.

"Hive is one of the most active groups around, if not the most active," he said in an email.

Attorney General Merrick Garland said the FBI's operation helped a wide range of victims, including a Texas school district.

"The bureau provided decryption keys to the school district, saving it from making a $5 million ransom payment," he said. A Louisiana hospital, meanwhile, was spared $3 million.

Garland said the department's probe remains ongoing.

Reporting by Raphael Satter, Sarah N. Lynch and Katherine Jackson; further reporting by Rachel More in Berlin; Editing by Chizu Nomiyama and Rosalba O'Brien