Traces of Hive led to Cyprus: 570,000 euros seized from a former member of the group

Brother

The Paris arrest put a definitive end to the history of one of the largest extortion operations.

This week, French police detained a 40-year-old man in Paris suspected of laundering money obtained from the criminal activities of the Hive ransomware group. During a search of the detainee's home in Cyprus, police seized cryptocurrency worth more than 570,000 euros. The international operation was carried out with the assistance of Europol and Eurojust.

According to US intelligence agencies and cybersecurity researchers, by November 2022, Hive had attacked more than 1,300 companies worldwide, earning more than $100 million.

Hive ransomware had been operating on the RaaS model since June 2021, providing all the necessary ransomware tools to anyone who wanted them. In attacks using this software, the attackers usually followed the double extortion model: first, they stole data and encrypted it on the victim's computer, and then threatened to post it on their leak site if the ransom was not paid. This dramatically weakened the position of the compromised companies.

In April 2021, the FBI issued an emergency report on the Hive attacks, including technical details and indicators of compromise related to the group's activities. According to Chainalysis, a blockchain analytics company, Hive is among the top ten most profitable ransomware programs of 2021.

The Hive operation was dismantled in January 2023 by the FBI in coordination with the police forces of Germany and the Netherlands, as well as Europol. The Tor leak site used by Hive operators was seized as part of an international operation by law enforcement agencies in 10 countries.

Shortly after the takedown of Hive's infrastructure, a new ransomware group called Hunters International emerged. Because it uses similar code and tools, it is suspected to be the Hive group under a new name, with all of its remaining members.

Although law enforcement agencies are making efforts to combat such groups by detaining individual participants and eliminating their infrastructure, the business model of cyber extortion itself is extremely tenacious. New groups appear very quickly to replace the old ones.

In this regard, companies and organizations need to pay increased attention to protecting their data and systems from intrusion and attack. States should also join forces at the international level to deal more effectively with this unprecedented threat.