State Department Puts $10M Bounty on Ransomware Ring

( – A cybercrime group has found itself in the State Department’s sights over a global wave of ransomware attacks. The Hive group targeted dozens of organizations between 2021 and 2023. The FBI eventually retaliated by hacking the hackers. Now, the federal government has offered a huge reward for information on the people behind the group.

Hive ransomware, a malicious app that locks data on the target computer and won’t unlock it until a ransom is paid to the criminals who operate it, first appeared in June 2021. In the next two months, it was used to attack at least 28 American healthcare organizations and hundreds of other targets around the world. South Korean security experts eventually found vulnerabilities in the software, and the FBI launched a counterattack in mid-2022, taking over much of the Hive group’s infrastructure. The operation included seizing the group’s decryption keys and giving them to victims, allowing them to unlock the data without paying a ransom.

On February 8, a State Department press release announced a $10 million reward for information on anyone who holds “a key leadership position” in the crime organization behind Hive, as well as a $5 million reward for details that lead to the arrest or conviction of anyone who uses the software. Although Hive has been mostly disarmed now that the FBI has its decryption keys, it’s likely the State Department wants to send a strong message to other cybercriminals. The size of the rewards makes it clear that the government is determined to track down and punish the group.

The rewards are being offered under the State Department’s Transnational Organized Crime Rewards Program, which, according to the agency, “supports law enforcement efforts to disrupt transnational crime globally and bring fugitives to justice.” The department is also collaborating with foreign law enforcement to track the hackers. Last November, Ukrainian cops arrested five men, including the alleged leader, as part of a Europol operation against Hive.

Copyright 2024,