
FBI successfully "hacked" the servers of the Hive ransomware group, saving victims $130 million.

2025-02-21 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)11/24 Report--

Thanks to CTOnews.com netizen Brother Black fly's left hand for the tip! CTOnews.com, January 28 (Xinhua)-- The US Department of Justice announced this week that FBI agents have successfully dismantled Hive, a notorious ransomware group, and prevented $130 million worth of ransom payments, so that victims no longer have to pay. The Hive group has targeted more than 1,500 victims in more than 80 countries around the world, and the FBI revealed that it had infiltrated the group's network for months before working with Germany and the Netherlands to shut down Hive's servers and websites this week.

"To put it simply, we hacked the hackers by legal means," U.S. Deputy Attorney General Lisa Monaco said at a news conference.

The FBI says that by secretly hacking into Hive's servers, it quietly obtained more than 300 decryption keys and passed them to the victims whose data had been locked by the group. U.S. Attorney General Merrick Garland said in his statement that in the past few months, the FBI has used these decryption keys to "rescue" a Texas school district facing a $5 million ransom, a Louisiana hospital that was required to pay $3 million, and an unnamed food service company facing a $10 million ransom.

"We turned around Hive and broke their business model," Monaco said. Hive was considered by the FBI to be one of the top five ransomware threats. According to the Justice Department, Hive has received more than $100 million in ransom from victims since June 2021.

Hive operates a "ransomware as a service (RaaS)" model: it makes and sells ransomware, then recruits "affiliates" to deploy it. Hive administrators take 20% of all revenue and, if a victim refuses to pay, publish the stolen data on the "HiveLeaks" website. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the methods used by these affiliates include email phishing, exploiting FortiToken authentication vulnerabilities, and gaining access to corporate VPNs and remote desktops (using RDP) that are protected only by single-factor login.

Hive is the largest ransomware group taken down by the Federal Bureau of Investigation since REvil in 2021, the group that leaked an Apple supplier's MacBook schematics.

CTOnews.com learned that during its surveillance of Hive, the FBI discovered more than 1,000 encryption keys related to the group's former victims, and FBI Director Christopher Wray pointed out that only 20% of the victims it found had turned to the FBI for help. Many victims of ransomware attacks do not contact the FBI because they fear retaliation by the hackers and scrutiny within their industry for failing to protect themselves.

The FBI hopes to persuade more victims to come forward and cooperate with them, rather than succumbing to hackers' demands.
