The FBI has been generally quiet on the ransomware front – until the announcement of a major disruption against the Hive ransomware operation last month.
Hive ransomware had become one of the most active and prominent operations since its launch in June 2021, with operators providing extortion services and affiliates launching attacks. The operators earned 20% of all ransom payments while the affiliates took home the rest.
After months of investigation, an international law enforcement operation seized Hive’s Tor websites and revealed that they had secretly hacked their servers in July 2022. Consequently, police managed to intercept decryption keys and helped victims with free decryptions, causing a significant setback for this cybercrime group.
Despite the lack of any formal arrests, this incident was a strong blow to a significant actor in the cybercrime industry, stopping $100 million worth of ransom payments.