In a statement last week, the US Department of Justice claimed to have made progress against the significant ransomware organisation known as Hive.
Since last July, the FBI has been infiltrating Hive's computer networks, and its disruption of the hackers' operations has resulted in the cancellation of more than $130 million in ransom demands.
The FBI infiltrated the gang's network as part of the operation and stole Hive's decryption keys before providing them to the gang's victims.
The notorious gang has been targeting victims all around the world for some time. Since 2021, it has targeted over 1,500 victims, collecting hundreds of millions of dollars in ransom. Healthcare systems have frequently been the target of ransomware attacks.
“The Department of Justice’s disruption of the Hive ransomware group should speak as clearly to victims of cybercrime as it does to perpetrators,” stated US deputy attorney general Lisa O Monaco.
The US agencies investigating the Hive hackings collaborated with international authorities in Germany and the Netherlands.
“In a 21st century cyber stakeout, our investigative team turned the tables on Hive,” Monaco added. “We will continue to strike back against cybercrime using any means possible and place victims at the centre of our efforts to mitigate the cyber threat.”
For years, the FBI and other international organisations have been watching Hive's methods.
Hüseyin Can Yuceel, a security researcher at Picus Security, cautioned the authorities against getting comfortable after their most recent success in foiling the hacker group's attempts.
One of the most successful ransomware gangs in the previous five years was the Hive ransomware group. Hive became a significant player in the ransomware-as-a-service industry by embracing all of the current trends in the ransomware arena, Yuceel explained.
He continued, stating that ransomware threat actors "are likely to rebuild and continue their activities" since the industry is still too profitable for hackers to give up on.
According to Check Point Software security engineer Muhammad Yahya Patel, the FBI's Hive "takedown is a win that we should celebrate."
It sends a clear message to ransomware groups and may have alarmed some of them because they don't know if they are also being watched.
He also emphasised that we shouldn't get ahead of ourselves because groups "do usually reorganise under a new name or spread into other gangs."
Patel thinks that the government's ability to impair Hive's operations in this particular way marks a new step forward in the fight against cybercrime.