The Hive group was dedicated to blackmailing companies, hospitals, schools, financial institutions and critical infrastructures.
Operating from the dark internet, it blocked their systems and demanded a ransom to provide the password with which the programs would start working again.
Since June 2021, the
as this data-hijacking practice is known, has attacked more than 1,500 victims in 80 countries around the world and received more than $100 million in ransom payments.
This Thursday, the United States Department of Justice has announced that the Federal Bureau of Investigation (FBI) has managed to dismantle it.
,” said Deputy Attorney General Lisa Monaco.
The operation has taken place in coordination with the German police and the National High-Tech Crime Unit of the Netherlands, but the police of other countries have also collaborated, including the Spanish National Police, as reported by the Department of Justice.
The FBI has finally taken control of Hive, whose computer networks it had already managed to penetrate since the end of July 2022, as it has now revealed.
Since then, he began to get hold of his decryption keys and has been offering them to victims all over the world, avoiding them from having to pay a demanded $130 million in ransom.
Since infiltrating the Hive network, the FBI has provided more than 300 passwords to Hive victims under attack.
In addition, it has provided more than 1,000 additional decryption keys to previous victims.
The investigative team "turned the tables, stealing their decryption keys," said Deputy Attorney General Lisa Monaco.
Cybercrime has become a challenge for authorities around the world, who have been reinforcing teams to deal with hackers.
Although the FBI has managed to dismantle the platform, there are no detainees so far: "We will continue our investigation and pursue the actors behind Hive until they are brought to justice," said Assistant Attorney General Kenneth A. Polite.
The Justice Department has not identified the victims of the cyberattacks.
Attorney General Merrick B. Garland, head of the Justice Department, explained in an appearance in Washington that the investigation began with complaints and the cooperation of the victims from the private sector.
The FBI then used court warrants authorizing access to break into the system.
“We hid and watched how they proceeded with their attacks.
We discovered the keys and gave them to the victims so they would not have to pay the ransom.
And finally, and this is what happened last night, we took down the infrastructure, we took down the servers that power Hive's ability to go forward, once we located where the servers were," Garland explained.
The attorney general has refused at the press conference to answer questions about the investigations into the classified papers found in a private office of the president, Joe Biden, and at his home in Wilmington (Delaware).
He has focused on the issue of the summons: “Cybercrime is an ever-evolving threat, but the Department of Justice will spare no resources to identify and bring to justice anyone, anywhere, who targets the United States. with a
We will continue to work both to prevent these attacks and to support the victims who have been subjected to them.
And together with our international partners, we will continue to break up the criminal networks that deploy these attacks”, he added.
Hours before the official announcement, a notice appeared on the Hive site on the dark web: “This hidden site has been confiscated.
The Federal Bureau of Investigation has seized this site as part of a coordinated law enforcement action against
This action has been carried out in coordination with the United States Attorney's Office for the Middle District of Florida and the Department of Justice's Computer Crime and Intellectual Property Section, with substantial assistance from Europol."
You can follow
EL PAÍS TECNOLOGÍA
or sign up here to receive our