FBI agents infiltrated the servers of a notorious ransomware group to help victims take back control of their networks and block some $130 million in demanded ransoms, the Wall Street Journal reports. The Justice Department announced it had seized the servers of the Hive ransomware group after entering its networks and capturing keys to decrypt its software. The group linked to Hive ransomware is widely seen by authorities and cybersecurity experts as one of the most prolific and dangerous cybercriminal actors in recent years. Its attacks have been connected to more than 1,500 victims including hospitals and schools, and have extorted $100 million in ransom payments, the Justice Department said. The operation began last summer in Tampa, Fla.
“The FBI and our prosecutors have been inside the network of one of the world’s most prolific ransomware variants,” Deputy Attorney General Lisa Monaco said. “We hacked the hackers.”
Officials have not announced arrests or where the people behind the Hive ransomware were based. In coordinated operations on Wednesday, German and Dutch police also seized servers associated with the group. Hive’s website was inaccessible Thursday, flashing a message stating it had been seized as part of a law-enforcement action.
Hackers demand payment after ransomware infiltrates a victim’s computer. The Hive group was known to punish victims who managed to restore their systems by infiltrating them again and reinfecting them with another variant. The group has only been active for a couple of years but has been blamed for targeting hospital networks and forcing disruptions in care. Hive was responsible for a summer 2021 attack on a Midwest hospital that forced the facility to stop accepting new patients and use paper records, Attorney General Merrick Garland said, adding that the group most recently targeted victims in Florida and California in the past month.
The Biden administration began viewing ransomware as a top national security threat in the wake of the 2021 cyberattack on Colonial Pipeline, which led to a shutdown of the largest conduit of fuel on the East Coast for several days.