US Attorney General Merrick Garland said that the US authorities, in cooperation with Germany and the Netherlands, succeeded in controlling the servers of the “Hive” website after being hacked for about seven months.
The hacking of the website spared hundreds of companies from paying financial ransoms amounting to $130 million after Hive froze their electronic systems and stole their data.
Deputy Attorney General Lisa Monaco described the takeover of Hive as a “21st century operation,” adding, “We have hacked the hackers.”
The “Hive” group was active in providing services for ransomware, which means that anyone could rent the site’s services to penetrate and encrypt the electronic companies’ systems and ask their owners to pay money to free them again. The proceeds of the extortion operations are shared between the site and the executors of the operation.
Since Hive first appeared in 2021, more than 1,500 companies and institutions have been hacked and forced to pay ransoms, often in cryptocurrencies.
Victims include India’s Tata Power, German retail giant Media Markt, Costa Rica’s public health service, Indonesia’s state gas company and several US hospitals, according to cybersecurity consultants.
At dawn on Thursday, the Hive website on the dark web was frozen, and a statement appeared on the site’s home page in both English and Russian stating that it had been taken over by the US Federal Bureau of Investigation.
US officials said that by breaking into Hive’s dark web site and gathering information, justice authorities were able to obtain the digital keys needed to unlock victims’ frozen data so they would not have to pay Hive money.
“For months we helped victims defeat their attackers and deprived the Hive network of extortion profits,” Monaco said.
US authorities did not say who was behind Hive and whether they would make any arrests, saying the investigation was ongoing. The US Federal Bureau of Investigation, the German Reutlingen police station, the German Federal Criminal Police, the Dutch National High-Tech Crime Unit and Europol contributed to the operation.
