FBI hacked hackers to bust $130m ransomware gang, Justice Department reveals

Bureau says its intervention saved more than 300 entities from having to pay ransom fees

Abe Asher
Thursday 26 January 2023 19:26 GMT
Comments
Garland announces anti-ransomware crackdown

The FBI says it has hacked and disrupted the operations of a prolific hacking group called Hive, stopping the group from collecting $130m in ransom demands from more than 300 entities.

Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy Attorney General Lisa Monaco announced the news at a triumphant press conference, with Ms Monaco telling reporters that the government “hacked the hackers.”

Mr Garland has made cracking down on hacking groups and ransomware a priority for the Justice Department, with ransom attacks beginning to pose major problems to the country’s security.

The hacking of Hive reportedly began last July, when FBI agents infiltrated the group undercover. The result was that Hive was unable to install the ransomware it allegedly wanted to install and was not in a position to demand or collect the $130m for the various groups it targeted.

The Justice Department did not announce the arrests of any individuals connected to Hive attacks, but one official suggested that such announcements could be coming in the near future.

“Stay tuned,” one official told reporters.

According to the Justice Department, Hive has been effectively attacking businesses across the world for years by encrypting their data and demanding payments in cryptocurrency in return.

The DOJ said that Hive has throughout the course of its existence targeted more than 1,500 entities in 80 different countries and taken more than $100m in cryptocurrency payments from its victims. It is not known whether Hive is based in any particular country or region or whether its members hail from a variety of geographical backgrounds.

The Justice Department was able to put an effective end to Hive’s operations when its agents, working under cover, stole the digital keys the group used to unlock organisations’ data systems and install ransomware. The officials working on the case would then alert the organisations set to be targeted so they could shore up their digital defences.

Hive had, according to Mr Garland, plenty of targets in the US. The attorney general said that a school district in Texas would have been in line to have to pay a $5m ransom, while a hospital system in Louisiana was going to be extorted for $3m.

On Thursday, Hive’s website told a succinct story: “The Federal Bureau of Investigation seized this site as part of coordinated law enforcement action taken against Hive Ransomware,” the home page read.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in