French police arrested the alleged "banker" of the Hive ransomware operation, a Russian national residing in Cyprus. 570,000 euros in cryptocurrency assets were seized. These are suspected funds stolen from French victims.
https://www.databreachtoday.com/breach-roundup-french-police-arrest-alleged-hive-money-man-a-23887
The group has claimed five victims thus far, but the threat actors deny being a reincarnation, asserting that they purchased the Hive source code and website from its developers.
#Cybersecurity #HiveRansomware #HackerGroup #HantersInternational
Russian Hacker “Wazawaka” Indicted for Ransomware
https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/
#MikhailPavolovichMatveev #Ne'er-Do-WellNews #LockBitransomware #Babukransomware #Hiveransomware #Uhodiransomwar #Boriselcin #Wazawaka #Orange #RAMP
Russian Hacker “Wazawaka” Indicted for Ransomware - A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and voca... https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/ #mikhailpavolovichmatveev #lockbitransomware #neer-do-wellnews #babukransomware #hiveransomware #uhodiransomwar #boriselcin #wazawaka #orange #ramp
Russian Hacker “Wazawaka” Indicted for Ransomware https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/ #MikhailPavolovichMatveev #Ne'er-Do-WellNews #LockBitransomware #Babukransomware #Hiveransomware #Uhodiransomwar #Boriselcin #Wazawaka #Orange #RAMP
If the FBI and Europol had infiltrated Hive in July, why was the takedown now? Sure, they intercepted encryption keys, but they allowed hundreds of orgs to be victimized costing untold millions of dollars in damages. Combined with the lack of arrests, can it be justified as having been worth it in the end? #InfoSec #HiveRansomware
If law enforcement wants to be trusted and taken seriously, they should stop making misleading statements touting their own victories. I'm pleased they compromised Hive, but to some degree it raises as many questions as answers. Then they say things like this to Reuters. If these orgs were allowed to be victimized they didn't "save them" anything. The costs of cleanup and breach far exceed ransoms, which they may not have even chosen to pay. #InfoSec #HiveRansomware
Woke up to some interesting news today. It would appear that the #HiveRansomware Gang has been taken down. https://www.scmagazine.com/analysis/ransomware/notice-on-hive-ransomware-site-claims-seizure-by-fbi-europol?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGJjgDjxI7Quxnvn1dDKVtkFHU7zdk93j0TL7ocD2SwuAAcr1k2YbWxSGv7tfEHn6GOvCcebcAwc3X5co3AlFFNixo9Hty9BWX4VsvTCEiG_Q
I checked around some #DarkWeb forums, and it would appear this actually happened in a joint, international effort. The #USDOJ claims to have "hacked the hackers", took down their #TOR site, and have apparently #decrypted 1500 companies. If it sticks, this is a big win for the #GoodGuys. Bye bye #Hive!
Good morning whats all this then #HiveRansomware #ransomware
Check out the latest cybersecurity news you need to know in today's Metacurity. Lead items via @seanhollister @serghei @nakashimae @timstarks @billtoulas
@kevincollier @nateschweber @alng @snlyngaas @jaypeters
#northkorea #eufy #blackcatransomware #Hiveransomware #infosec #cybersecurity
https://metacurity.substack.com/p/north-korea-hackers-stole-625-million
I have been seeing A LOT of verified compromises circulating hacker forums because of #BlackCat, #LockBit, #HiveRansomware, #Mallox, #BlackBasta #RoyalRansomware, #BianLian, #CubaRansomware, #BloodyRansomwareGang, #RansomEXX - I'm talking multiple terabytes of data, hundreds of millions of account details, across pretty much every single sector. Most common method of infection? #BusinessEmailCompromise! Be super mindful of the links you click on, the attachments you download, and the sites you visit
Additional coverage and attribution to #HiveRansomware 👇
SentinelOne: https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers/
Mandiant: https://www.mandiant.com/resources/blog/hunting-attestation-signed-malware
S1 observed "deployment of Hive ransomware against a target in the medical industry" :blobcatnotlikethis:
Since this an @ioc.exchange here's a list TTPs and IOCs from CISA/FBI/HHS for the #HiveRansomware published today: https://www.cisa.gov/uscert/ncas/alerts/aa22-321a
