Romanian police announce that together with DIICOT., Europol, authorities in Germany, the Netherlands and the United States, they contributed to the destruction of the HIVE ransomware group, a “major threat” that compromised and encrypted the data and computer systems of major IT companies and oil companies from the European Union and the United States of America. According to the investigation, the amount of damages exceeds 100 million euros.
The HIVE ransomware has been identified as a major threat over the past year, as it has been used to compromise and encrypt data and computer systems of major IT companies and oil multinationals in the European Union and the United States of America, according to police.
The attacks targeted more than 1,500 companies in more than 80 countries.
Since June 2021, attacks by the HIVE ransomware group have targeted more than 1,500 companies in more than 80 countries, according to investigators.
How the criminal mechanism worked, according to the Romanian police:
- “Affiliates carried out cyber attacks and the developers created, maintained and updated the HIVE ransomware.
- The affiliates used the “Ransomware as a Service” blackmail model.
- They would copy the data and encrypt it, then demand a ransom to decrypt the files and not publish the stolen data on the leak site.
- After the affected parties pay, the ransom will be split between the affiliates, who keep 80%, and the developers, who get the remaining 20%.”
How companies attacked
According to the cited sources, other groups have emerged in recent years that use the “ransomware as a service” method to carry out high-level cyberattacks. As such, millions of euros in ransom were demanded to decrypt affected systems, often at companies that provided critical infrastructure.
Between June 2021 and November 2022, the suspects used HIVE ransomware to target a wide range of businesses and infrastructure sectors, such as government agencies, telecommunications, manufacturing, information technology, healthcare services, and healthcare facilities.
After a major attack, HIVE affiliates targeted the hospital, which had serious implications for how the hospital was able to deal with the COVID-19 pandemic. Due to the attack, the hospital was forced to resort to conventional treatment methods for existing patients and could not accept new patients.
Suspicious individuals would attack companies in a variety of ways. According to Romanian police, some participants were able to obtain victim data by distributing “phishing” emails, exploiting vulnerabilities in the operating systems of the attacked devices.
On the territory of Romania, a group of HIVE ransomware infected the IT infrastructure of several companies (medium and large) from various fields of activity, even from the category of basic services, disrupting the operation of IT systems and their activities, according to the police. .
- “Europol, together with other European Union states, has coordinated efforts to mitigate victimization, thereby stopping more companies from becoming victims of HIVE software.
- Courts have given the companies decryption keys so they don’t have to pay the ransom anymore. In this way, it was possible to prevent the payment of ransom in the amount of more than 120,000,000 euros,” the cited source adds.
(Photo: Dreamstime.com)
Source: Hot News
Ashley Bailey is a talented author and journalist known for her writing on trending topics. Currently working at 247 news reel, she brings readers fresh perspectives on current issues. With her well-researched and thought-provoking articles, she captures the zeitgeist and stays ahead of the latest trends. Ashley’s writing is a must-read for anyone interested in staying up-to-date with the latest developments.