"Hive Ransomware Operation Apparently Shut Down by Law Enforcement"

The Hive ransomware operation appears to have been shut down as part of a major law enforcement operation involving agencies in 10 countries.  A message in Russian and English on the Hive ransomware operation's Tor-based website reads: "The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware."  Another message says the action was taken in coordination with Europol and authorities in Florida, which indicates that more details will likely be made available in the upcoming period by the Justice Department and Europol.  Until law enforcement agencies confirm the shutdown of Hive, there could be a slight chance that the website seizure notice was posted by the cybercriminals themselves.  Hacker groups falsely claiming to have been shut down by police are not unheard of.   However, Allan Liska, a ransomware expert working for threat intelligence company Recorded Future, reported that the Hive infrastructure was seized.  The US government reported that in November 2022, the Hive ransomware gang had hit more than 1,300 businesses and made an estimated $100 million in ransom payments.  Data collected by the DarkFeed deep web intelligence project shows that Hive was still active last week.  The Hive ransomware operation was launched in 2021.  The ransomware was offered under a ransomware-as-a-service (RaaS) model.  A free decryptor for files encrypted with the Hive ransomware was released by a South Korean cybersecurity agency in the summer of 2022. 

SecurityWeek reports: "Hive Ransomware Operation Apparently Shut Down by Law Enforcement"