FBI “hacks the hackers” to prevent them from collecting $130m in ransomware demands

Posted on January 26, 2023 at 6:08 PM

For ages, hackers have been using ransomware to lock people out of their own devices and hold their data for ransom until they pay. There are now even entire ransomware gangs, which have been terrorizing users around the world.

One such gang, known as Hive, attempted to hack over 300 victims and issue ransom demands that totaled over $130 million. However, before it could collect the funds, the FBI secretly hacked the gang and managed to disrupt its operation.

This is what the Federal Bureau of Investigation announced this Thursday, noting that it even alerted the victims in advance, so they could take steps to secure their systems before Hive could make its demands in the first place.

Hacking the hackers

The details were shared at a news conference where US Attorney General Merrick Garland, Deputy US Attorney General Lisa Monaco, and FBI Director Christopher Wray explained the situation. According to them, the FBI broke into the hackers’ network some time ago and secretly put the gang under surveillance.

Unaware of the authorities’ presence, the hackers continued business as usual, while under the surface, the FBI stole their digital keys and unlocked the organization’s data regarding the victims. That is when the authorities alerted the victims, warning them that they were being targeted.

Deputy US Attorney General Lisa Monaco noted that the authorities used lawful means to hack the hackers, thus turning the tables on Hive.

News of the takedown leaked prior to the conference, as the FBI took down the hackers’ website and replaced it with a message stating that the Bureau had seized the site as part of its action against Hive.

Meanwhile, Hive also lost its servers, which were seized by Germany’s Federal Criminal Police in collaboration with the Dutch National High Tech Crime Unit. Udo Vogel, the German police commissioner, stated that the move was the result of intensive cooperation across national borders and continents, and a display of the trust that is key to the fight against serious cybercrime.

FBI reacts before the hackers received payments

As for the location of the hackers themselves, it remains unknown, as the authorities did not reveal the cybercriminals’ geographical location. However, the move represents a big step in the fight against cybercrime, and it is distinct from some other high-profile ransomware cases that the US Justice Department (JD) has announced over the last several years.

One example is the cyber attack against the Colonial Pipeline Co., which took place in 2021. At the time, the JD managed to seize a $2.3 million ransom in digital currencies after the company had already paid the hackers in exchange for a decryption key.

This time, however, the authorities managed to identify and help protect the victims before the attack even happened. As a result, there were no funds to seize. The authorities first infiltrated the gang in July 2022 and spent around six months in the hackers’ systems, completely undetected, until they were ready to move.

FBI saves the hackers’ victims from paying ransom

While Hive is far from being the only notable cybercriminal gang, it is definitely among the most prolific ones. It primarily targeted international businesses, encrypting their data and demanding crypto payments in order to give it back.

According to the US authorities, Hive members have targeted over 1,500 victims over the years, located in 80 different nations. Along the way, they collected over $100 million in ransomware payments. The disrupted operation was only the latest in a long line of cyber attacks that Hive had conducted, but it would also have been among the biggest.

While the authorities have not made any arrests, Garland said that the investigation is ongoing. He added that the FBI’s operation helped a large number of victims who would otherwise have been hacked, including a Texas-based school district.

The district received the decryption keys from the Bureau, thus sparing it from having to pay $5 million to online criminals. The same is true of a Louisiana hospital, which would otherwise have had to pay 3 million.

