Double Encryption Ransomware Wreaks Havoc
Hackers Re-Extort with Harmful Virus
The Federal Bureau of Investigation (FBI) is once again hot on the heels of the nefarious Conti hackers, who have reportedly colluded with the Hive ransomware group in bilking thousands of companies across the globe. As of November 2022, the infamous “Hive” ransomware gang has stolen about US $100 million since June 2021.
Hive’s Ransomware-as-a-Service (RaaS) operation has, since its inception last June, been notorious for unleashing a host of fresh ransomware payloads on targeted companies that refused to comply with its extortion demands. In many instances, the criminal hackers have reinfected the network databases of companies that had been able to restore their corrupted files.
The FBI asserts that the hackers behind the “Hive” ransomware have targeted company networks in a variety of vital infrastructure sectors, including communication hubs and government sectors. Public healthcare organizations are also feeling the brunt of these dangerous hackers.
Cyber analytics reports show that the Hive ransomware hackers are responsible for a variety of similar ransomware programs. These reports include indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). According to the FBI’s investigation, the main goal at this point is to identify all malicious activities linked to the Hive hackers and eradicate the gang.
Since 2022, more than 800 pieces of evidence directly linked to the Hive ransomware attacks have been collected. The FBI and CISA investigative reports have also greatly aided law enforcement in acquiring vital information that halts some of Hive’s ransomware operations.
In May 2022, considerable evidence showed that the Hive threat actors actively used the first attack vector provided by Conti and the services of Conti’s pen-testers, according to Yelisey Boguslavskiy, chief of research at Advanced Intel.