The US Department of State has announced a $15 million reward for anyone who could provide information that would lead to the identification and arrest of the leadership of the Hive ransomware variant transnational organized crime group.
Specifically, the Department said up to $10 million will be given for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the group.
The remaining $5 million is the reward for information leading to the arrest and/or conviction of any individual in any country conspiring to participate in or attempting to participate in Hive ransomware activity.
The US Department noted that the Hive ransomware variant targeted victims in over 80 countries, including the United States.
It added that beginning in late July 2022, the FBI penetrated Hive’s computer networks, obtained its decryption keys, and offered them to victims worldwide, preventing victims from having to pay up to $130 million in ransom demanded.
Hive’s server seized
Announcing the reward via a statement released on Thursday, the Department said:
- “Today’s announcement complements the Department of Justice announcement that, with Europol, the German and Dutch authorities, and the United States Secret Service, it had seized control of Hive’s servers and websites, thereby disrupting Hive’s ability to further attack and extort victims. We will continue to work with allies and partners to disrupt and deter ransomware actors that threaten the backbone of our economies and critical infrastructure.
- “This reward is offered under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP), which supports law enforcement efforts to disrupt transnational crime globally and bring fugitives to justice.”
According to reports, Hive victims have included include hospitals, school districts, financial firms, and critical infrastructure, even impacting response services during the COVID-19 pandemic.
What you should know
In ransomware attacks, hackers encrypt a computer system and then extort victims to pay up or risk losing access to their data.
Victims have included large companies such as the meat supplier JBS, major infrastructure such as the Colonial Pipeline, and entire countries such as Costa Rica.
According to the DOJ, Hive has been a major player in the ransomware space since June 2021, attacking more than 1,500 victims in more than 80 countries and extorting more than $100 million from them.
- “I’d say that’s up there with the largest ransomware groups we’ve got data on, in terms of how many organizations have been impacted and how much money is being paid out,” an associate professor of cybersecurity policy at Tufts University, Josephine Wolff, said about the group.