The US Justice Department has announced that it has dismantled the Hive Ransomware group, which had extorted more than 100 million dollars from more than 1,500 people and companies around the world, in about 80 countries, and also from Italian companies. The same ransomware system would have been used for the hacker attack on Trenitalia last March.
“Last night, the Justice Department dismantled an international ransomware network responsible for extortion and trying to extort hundreds of millions of dollars in the United States but also in the rest of the world,” announced the Attorney General Merrick Garland at a press conference.
The group’s servers, considered one of the world‘s leading ransomware attack networks, were seized and the federal police took control of their site on the darkweb, i.e. among those web contents not indexed by traditional browsers. The operation was carried out in coordination with the German and Dutch police forces, as well as with Europol, explained the director of the American Federal Police (FBI) Christopher Wray.
In the Italian power plant that challenges hackers: “Never so many attacks”
by Fabio Tonacci
First spotted in June 2021, the Hive crime group is accused of raising more than $100 million in ransom money. After infiltrating a computer system, ransomware hackers encrypt company data and demand a monetary payment to unlock it. According to cybersecurity firms, Hive ransomware has been used against several American hospitals, targeting the German chain of electronics stores Telemarkt and the Indian giant Tata, among others.
In June, the FBI was able to hack into Hive’s networks and recover the cryptographic key by communicating it to victims around the world in the following months, thus allowing them to avoid paying a $130 million ransom, explained Christopher Wray . “Unfortunately, in these seven months, we have discovered that only 20% of Hive’s victims had reported the attack to the police”, explained the FBI chief, inviting all companies and organizations to contact his agents in case of accident.
The Attorney’s Office Stuttgart, in Germany, communicated that the operation, dubbed “Dawnbreaker”, started from an investigation opened by its offices after some attacks received by companies in the region. “Once again, intensive and trust-based cooperation across borders and continents has been shown to be the key to an effective fight against major cybercrimes,” he said. Udo Vogel, Chief of Police of Reutlingen (south-west Germany). “We hacked the hackers,” Justice Department No. 2 said Lisa Monaco. “For months, we’ve been helping victims fight back against their attackers and stripping the network of its criminal profits,” she concluded.