The U.S. Department of Justice (DOJ) has concluded a months-long disruption campaign, in cooperation with the Federal Bureau of Investigation (FBI), against crypto ransomware group Hive Network, preventing victims from losing US$130 million in ransoms, the agency announced on Thursday.


Fast facts

  • Hive had targeted over 1,500 victims in over 80 countries, including hospitals, school districts, financial firms, and critical infrastructure, the DOJ said.
  • The FBI infiltrated Hive in July 2022, and provided over 300 decryption keys to Hive victims under active threat, said the DOJ. The FBI additionally distributed over 1,000 decryption keys to past victims of the ransomware group.
  • The DOJ said it coordinated with German and Dutch authorities to seize control of Hive’s communication servers and websites.
  • The international cybercrime gang was dismantled as a result of the operation, according to the DOJ. 
  • Crypto ransomware is a type of malicious software used by cybercriminals to encrypt and lock files stored on a user’s device. Hackers then demand cryptocurrency payments for a “decryption key” that users need to regain access to and ownership of their files.
  • Ransomware attackers extorted US$456.8 million from victims in 2022, down 40% from US$765.6 million the previous year, according to a recent report by blockchain forensics firm Chainalysis. 
  • The drop in successful ransomware attacks could be attributed to improved cybersecurity awareness and potential victims’ refusal to pay cybercriminals, Chainalysis said. 
