Global ransomware hackers ‘hacked’ by FBI
Share
Ransomware gang Hive, which had targeted over 1500 victims globally, has been successfully hacked and disrupted by the FBI this week.
U.S. Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy U.S. Attorney General Lisa Monaco revealed at a news conference on Thursday that government hackers broke into the ransomware gang’s network and put them under surveillance.
This allowed the U.S. Government to surreptitiously steal the digital keys the group used to unlock victim organizations’ data, thwarting them from collecting over $130 million in ransomware demands from over 300 victims.
They then alerted the group’s victims in advance so they could take steps to protect their systems before Hive demanded the payments.
“Using lawful means, we hacked the hackers,” Attorney General Monaco said.
“We turned the tables on Hive.”
Check out: Australia leads international task force against ransomware
The takedown was reported when Hive’s website was replaced with a flashing message saying: “The Federal Bureau of Investigation seized this site as part of coordinated law enforcement action taken against Hive Ransomware.”
Aside from the US Government, the German Federal Criminal Police and the Dutch National High Tech Crime Unit also took the ransomware group’s servers.
“Intensive cooperation across national borders and continents, characterized by mutual trust, is the key to fighting serious cybercrime effectively,” said German police commissioner Udo Vogel in a statement from police and prosecutors in the state of Baden-Wuerttemberg, who assisted in the probe.
The ransomware group was one of the most prolific hacker groups that extort international businesses by encrypting their data and demanding massive cryptocurrency payments in return. Throughout its operations, the group has successfully collected more than $100 million in ransomware payments.
Check out: Young Aussies the least cyber aware generation
Canadian researcher Brett Callow, of cyber security company Emsisoft, said that Hive was responsible for at least 11 incidents involving local organizations, schools, and healthcare providers last year.
“Hive is one of the most active groups around, if not the most active,” he said.
Hive’s takedown is distinct from some of the other high-profile ransomware cases, such as a cyber attack in 2021 against the Colonial Pipeline Co. No seizures were undertaken by the US Government as investigators were able to intervene before Hive demanded the payments.
The undercover infiltration, which started in July 2022, went undetected by the gang until now.
Although there were no arrests announced, one department official told reporters to “stay tuned.”
Source: Reuters. Content has been edited for style and length.
Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.
Today’s Pick
11th Annual Aus Goverment Data Summit
April 1, 2025
7th Annual NZ Government Data Summit
May 7, 2025
3rd Public Sector Comms Week
May 14, 2025
Subscribe
We send emails,
but we do not spam
Join our mailing list to be on the front lines of healthcare , get exclusive content, and promos.
AI appointment Australia Australian boost boosts business businesses covid-19 cyber attack cybersecurity cyber security data data breach data management defence Digital employment enhance enhances fraud funding governance government grants Healthcare infrastructure Innovation Lockdown management new zealand NSW NZ online privacy public Public Sector queensland renewable energy scams security Social Media Technology telecommunications victoria
Last Viewed