The American and German authorities announced on Thursday the dismantling of one of the main ransomware attack networks in the world, dubbed “Hive”, accused of having targeted some 1,500 entities in 80 countries.
“Last night, the Justice Department busted an international ransomware ring that extorted or attempted to extort millions of dollars from its victims,” Secretary Merrick Garland said at a news conference in Washington.
The group’s servers were seized and the federal police took control of its site on the dark webthe part of the Internet not referenced by conventional browsers, he said.
The operation was carried out in coordination with the German and Dutch police forces, as well as Europol, added the director of the American federal police (FBI), Christopher Wray.
First detected in June 2021, the criminal group Hive is accused of collecting more than $100 million in ransom.
After infiltrating a computer system, ransomware hackers encrypt corporate data and demand payment to unlock it.
According to firms specializing in cybersecurity, Hive ransomware, or “ransomware” in English, has been deployed against American hospitals, the German chain of electronics stores Telemarkt and the Indian giant Tata.
“Hacking the hackers”
By June, the FBI had successfully penetrated Hive’s networks and recovered its encryption key, which it offered to victims around the world in the following months, allowing them to avoid paying $130 million in ransoms. , said Christopher Wray.
The US Federal Police had also distributed copies of this key to former Hive victims to fully recover their data.
“Unfortunately, during these seven months, we discovered that only 20% of Hive victims had alerted the police,” lamented the head of the FBI, calling on all companies and entities to contact his agents as soon as possible in the event of an incident. ‘offensive.
The prosecutor’s office in Stuttgart, Germany, said in a statement that the operation, dubbed Dawnbreaker, had its source in an investigation opened by its services after attacks against businesses in the region. However, they “did not give in to blackmail and informed the authorities”, he added.
“Once again, it has been proven that intense and mutually trusting cooperation across borders and continents is the key to an effective fight against serious cybercrime”, said Udo Vogel, the head of the police of Reutlingen (south-west of Germany), quoted in the press release.
“We hacked the hackers,” said the number 2 of the US Department of Justice, Lisa Monaco. “For months, we helped victims fight back against their abusers and deprived the network of its criminal profits,” she said.