The FBI recently asserted that thousands of companies have been targeted by the notorious Hive ransomware gang since June 2021.
During that time frame, the operators of the Hive ransomware gang extorted a total sum of approximately $100 million.
As part of the Hive gang’s operations, victims are also exposed to additional ransomware payloads on their networks, which cause further damage.
As of November 2022, Hive ransomware actors had collected approximately US$100 million in ransom payments from more than 1,300 companies globally.
Moreover, when victim organizations have restored their networks without paying a ransom, Hive actors have been known to reinfect those networks.
Victims span a wide range of sectors and industries, including a number of critical infrastructure sectors. The victim list includes:
This was disclosed in a joint advisory issued with these two organizations:
The joint advisory released by the FBI in its investigation of Hive ransomware attacks includes the Hive IOCs and TTPs that were employed by the operators.
The method of initial intrusion depends on which affiliate is targeting the network. Hive actors have exploited single-factor authentication to gain access to victims’ networks, abusing the following channels:
There have been instances when Hive actors have managed to circumvent MFA and gain access to FortiOS servers in this manner.
A number of vulnerabilities in Microsoft Exchange servers have also been exploited by Hive actors to gain access to victim networks.
Apart from Windows, Hive ransomware is also capable of infecting the following platforms:
Below is the ransom note used by the threat actors:
Organizations should follow these mitigations, as recommended by the FBI, CISA, and HHS: