"Hive Ransomware's Master Key Recovered Using Weakness in Its Encryption Algorithm"

Researchers at Kookmin University successfully decrypted data encrypted by Hive ransomware without depending on the private key used to limit access to the data. Using a cryptographic vulnerability identified during their analysis, they recovered the master key from which the file encryption key is generated, without needing the attacker's private key. Hive, which is based on the Ransomware-as-a-Service (RaaS) model, targets company networks, steals information, encrypts data on the networks, and demands a ransom for access to decryption software. The gang uses weak Remote Desktop Protocol (RDP) servers, stolen Virtual Private Network (VPN) credentials, and phishing emails containing malicious attachments. This article continues to discuss the tactics, techniques, and procedures of the Hive ransomware gang, and the exploitation of a security flaw in the encryption algorithm used by the Hive ransomware to recover encrypted data.

CyberIntelMag reports "Hive Ransomware's Master Key Recovered Using Weakness in Its Encryption Algorithm"

 
