Ransomware

Hive

First seen: 2021-06 • Status: disrupted

Disrupted by Law Enforcement

Hive was a massive ransomware gang that attacked hospitals and schools. The FBI secretly hacked them and shut them down, saving victims $130 million.

Overview

Hive was a major ransomware-as-a-service operation that attacked over 1,500 victims globally. The FBI infiltrated and shut down their infrastructure in 2023.

Also Known As

Hive Ransomware

How It Spreads

  • Phishing
  • RDP exploitation
  • VPN vulnerabilities
  • Leaked credentials

What It Does

  • File encryption
  • Data theft
  • Double extortion

Target Platforms

Windows, Linux, VMware ESXi

Detection Tips

  • Monitor for Hive signatures
  • Watch for ESXi targeting

MITRE ATT&CK Techniques

T1486 (Data Encrypted for Impact), T1567 (Exfiltration Over Web Service), T1490 (Inhibit System Recovery)

If You're Infected

  1. Check for free decryptor from FBI
  2. Report to law enforcement

Related Malware

Conti, BlackCat
