Hive ransomware actors extort over $100 mn from victims, warns US

by IANS |

San Francisco, Nov 19 (IANS) The US government has warned about an ongoing ransomware activity that has victimised over 1,300 companies worldwide, receiving approximately $100 million in ransom payments.

The Hive ransomware actors follow the ransomware-as-a-service (RaaS) model in which developers create, maintain, and update the malware, and affiliates conduct the ransomware attacks.

"From June 2021 through at least November 2022, threat actors have used Hive ransomware to target a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information technology, and healthcare," read the joint advisory by the FBI, the US Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services.

The Hive actors have bypassed multi-factor authentication (MFA) and gained access to aFortiOS' servers by exploiting common vulnerabilities and exposures (CVE) CVE-2020-12812.

"This vulnerability enables a malicious cyber actor to log in without a prompt for the user's second authentication factor (FortiToken) when the actor changes the case of the username," according to the joint advisory.

Hive also attacked power generation company Tata Power in October. The Mumbai-based company had said that the attack impacted some of its IT systems.

Microsoft's Threat Intelligence Center (MSTIC) researchers have warned that Hive upgraded its malware, enabling it to use a more complex encryption method for its ransomware as a service payload.

"Hive actors negotiate ransom demands in US dollars, with initial amounts ranging from several thousand to millions of dollars. Hive actors demand payment in Bitcoin," according to the US advisory.

Latest News
PM Modi to release Rs 20,000 crore to farmers during Varanasi visit on June 18 Sat, Jun 15, 2024, 03:53 PM
Millwall goalkeeper Matija Sarkic dies aged 26 Sat, Jun 15, 2024, 03:51 PM
Researchers link hot weather with increased headaches for people with migraines Sat, Jun 15, 2024, 03:32 PM
Kangana shares video of PM Modi with Giorgia Meloni; hails his support for women Sat, Jun 15, 2024, 03:29 PM
Water conservation campaign will become a movement in state: MP CM Sat, Jun 15, 2024, 03:28 PM
Congress govt got tight slap from Karnataka court on Yediyurappa matter: Union Min Pralhad Joshi Sat, Jun 15, 2024, 03:26 PM
Wayanad or Raebareli? Rahul Gandhi likely to decide on Monday Sat, Jun 15, 2024, 03:23 PM
Indian stock markets breaking global benchmarks in equity market cap Sat, Jun 15, 2024, 02:56 PM
PM Modi hails India-Italy friendship after Meloni shares 'Melodi' selfie video Sat, Jun 15, 2024, 02:53 PM
Kuwait fire: 14 Keralites under treatment out of danger Sat, Jun 15, 2024, 02:28 PM
Scholz calls Swiss-hosted Ukraine talks an early step to forge peace Sat, Jun 15, 2024, 02:27 PM
US aid pier off Gaza to be temporarily removed due to bad weather Sat, Jun 15, 2024, 02:13 PM
Philippines says 21 of 22 Filipino crew on attacked ship in Red Sea rescued, safe Sat, Jun 15, 2024, 02:11 PM
Swati Maliwal case: Judicial custody of CM Kejriwal's aide Bibhav Kumar extended Sat, Jun 15, 2024, 02:04 PM
Will work towards fulfilling PM Modi's semiconductor initiatives: Minister Kumaraswamy Sat, Jun 15, 2024, 01:49 PM