The Hive ransomware group crossed a serious milestone earlier this week, the Cybersecurity Infrastructure and Safety Company (CISA) stated in a joint press launch, printed along with the Federal Bureau of Investigation (FBI) and the Division of Well being and Human Companies (HHS).
Based on the assertion, since June 2021 the group managed to contaminate greater than 1,300 firms with its ransomware variant and raked in north of $100 million for its efforts.
What’s extra, the group doesn’t appear to take no for a solution. The three businesses found Hive reinfecting these victims that select to revive their networks as an alternative of paying the ransom demand.
Reinfecting rebellious victims
“Hive actors have been known to reinfect—with either Hive ransomware or another ransomware variant—the networks of victim organizations who have restored their network without making a ransom payment,” the press launch reads.
Hive additionally casts a comparatively extensive web, when in quest of new victims. Whereas it’s considerably centered on Healthcare and Public Well being (PHP) organizations, it does get pleasure from an occasional authorities entity, communications agency, or IT firm.
The three organizations are usually towards paying the ransom demand, as that doesn’t assure they’ll get the decryption key, or the stolen information again. On the flip aspect, it would most undoubtedly inspire the group (and different, related teams, too) to proceed attacking, proceed deploying ransomware, and proceed asking for extra money.
As a substitute, they urge the victims to report the assault to their native FBI area workplace or attain out to CISA through electronic mail.
These stories, it says within the launch, will assist legislation enforcement collect key information that’s wanted to remain on Hive’s path, disrupt potential future assaults, and in the end – deliver the menace actors to justice.
Hive was first noticed within the early summer time of final 12 months.
Through BleepingComputer (opens in new tab)