The FBI says the infamous Hive gang has made about $100 million since June 2021. During this time, more than 1,300 companies have suffered from malicious attacks. According to the agency, Hive is tough on those who refuse to pay the ransom and attempt to restore their systems – hackers re-infect victims' networks with various ransomware until they receive the ransom.
Organizations from a wide variety of industries and critical infrastructure sectors (government agencies, telecommunications and IT companies) have become victims of cybercriminals. This was part of a post sponsored by CISA and the US Department of Health and Human Services.
The purpose of such a message is simple - agencies want to help information security specialists quickly and easily detect the group's malicious activity. To do this, Hive indicators of compromise and TTP (tactics, techniques and procedures) were attached to the letter.
It is worth noting that the agencies urge not to pay the ransom to the attackers, as this may be a signal to attack for other gangs of extortionists. Instead, victims are encouraged to report Hive attacks to their local FBI or CISA offices. This will help law enforcement collect critical information needed to track the activity of ransomware campaigns, prevent new attacks, or hold attackers accountable for their actions.