Hive ransomware actors extort over $100 mn from victims, warns US

by IANS

San Francisco, Nov 19 (IANS) The US government has warned about ongoing ransomware activity that has victimised over 1,300 companies worldwide, with the actors receiving approximately $100 million in ransom payments.

The Hive ransomware actors follow the ransomware-as-a-service (RaaS) model in which developers create, maintain, and update the malware, and affiliates conduct the ransomware attacks.

"From June 2021 through at least November 2022, threat actors have used Hive ransomware to target a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information technology, and healthcare," read the joint advisory by the FBI, the US Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services.

The Hive actors have bypassed multi-factor authentication (MFA) and gained access to FortiOS servers by exploiting the Common Vulnerabilities and Exposures (CVE) entry CVE-2020-12812.

"This vulnerability enables a malicious cyber actor to log in without a prompt for the user's second authentication factor (FortiToken) when the actor changes the case of the username," according to the joint advisory.

Hive also attacked power generation company Tata Power in October. The Mumbai-based company had said that the attack impacted some of its IT systems.

Microsoft's Threat Intelligence Center (MSTIC) researchers have warned that Hive upgraded its malware, enabling it to use a more complex encryption method for its ransomware-as-a-service payload.

"Hive actors negotiate ransom demands in US dollars, with initial amounts ranging from several thousand to millions of dollars. Hive actors demand payment in Bitcoin," according to the US advisory.
