Cointime

DOJ Disrupts Ransomware Group Attempting to Extort $130M in Crypto Ransom

The DOJ stated that it conducted the operation with the help of German law enforcement (the German Federal Criminal Police and Reutlingen Police Headquarters-CID Esslingen) and the Netherlands National High Tech Crime Unit.

Over $100M Extorted From 1,500 Victims

The department said that since June 2021, the group has targeted more than 1,500 victims worldwide and received over $100 million in crypto ransom payments.

According to the DOJ, the Federal Bureau of Investigation (FBI) executed a months-long disruption campaign against the group and infiltrated Hive’s network in July 2022. The Justice Department added that after successfully infiltrating the group’s network, it captured the group’s decryption keys and offered them to victims worldwide, sparing those victims from paying the $130 million in crypto ransom demanded.

“Since infiltrating Hive’s network in July 2022, the FBI has provided over 300 decryption keys to Hive victims who were under attack. In addition, the FBI distributed over 1,000 additional decryption keys to previous Hive victims,” the DOJ said.

A Subscription-Based Model

Ransomware is malicious software (malware) that threatens to publish or block access to a victim’s personal data (usually by encrypting it) unless a ransom is paid.

According to the DOJ, Hive used a subscription-based model called ransomware-as-a-service (RaaS) to “develop a ransomware strain and create an easy-to-use interface with which to operate it and then recruit affiliates to deploy the ransomware against victims.”

“Affiliates identified targets and deployed this readymade malicious software to attack victims and then earned a percentage of each successful ransom payment,” the department added.

Meanwhile, the DOJ announcement comes as revenue from ransomware has fallen significantly. According to a recent report by blockchain analytics firm Chainalysis, ransomware attackers extorted approximately $456.8 million from victims in 2022, down from $765.6 million the year prior.

However, that does not mean ransomware attacks have declined, or at least not by as much as the drop in payments suggests. Instead, “much of the decline is due to victim organisations increasingly refusing to pay ransomware attackers,” the report said.

~ By William A. Frederick ~
