The FBI has released information about Hive ransomware

The Federal Bureau of Investigation (FBI) has released some technical details related to Hive ransomware.

The FBI even included the link to the leak site where the ransomware group publishes data stolen from companies that did not pay a ransom.

Hive ransomware uses various concealment techniques and procedures, which make it very difficult for organizations to defend themselves against attacks, according to the FBI.

Among the methods the group uses to gain access to the network and stay hidden on it are malicious attachments and Remote Desktop Protocol (RDP) attacks.

Before the encryption, Hive ransomware steals files it deems valuable, in order to pressure the victim into paying the ransom under the threat of a data leak.

The FBI says that the malware looks for backup processes and security solutions (such as Windows Defender) that would prevent the data encryption process, and terminates them.

This step is followed by a hive.bat script, which runs a cleanup routine and deletes itself when it is finished.

Another script, shadow.bat, is in charge of deleting copies, backups and system snapshots, and is then itself deleted from the compromised host.
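For defenders, the behaviour described above can be hunted in process-creation logs. The following is an added example, not code from the FBI alert or from this article: the JSON log format, the host names and the command patterns for snapshot deletion and stopping Windows Defender are assumptions, and only the script names hive.bat and shadow.bat come from the text.

```python
import json
import re

# Script names are from the article. The command patterns are assumptions:
# common Windows snapshot-deletion and Defender-stop commands, not FBI indicators.
RULES = [
    ("hive_script", re.compile(r"(?:^|[\\/\s\"])(?:hive|shadow)\.bat\b", re.I)),
    ("snapshot_delete", re.compile(
        r"\bvssadmin(?:\.exe)?\s+delete\s+shadows\b"
        r"|\bwmic(?:\.exe)?\s+shadowcopy\s+delete\b", re.I)),
    ("defender_stop", re.compile(
        r"\b(?:net1?|sc)(?:\.exe)?\s+stop\s+\"?windefend\b", re.I)),
]

# Constructed process-creation events (one JSON object per line), not real telemetry.
SAMPLE_LOG = r'''
{"host": "ws-014", "cmdline": "cmd.exe /c C:\\Users\\Public\\hive.bat"}
{"host": "ws-014", "cmdline": "sc stop WinDefend"}
{"host": "ws-014", "cmdline": "cmd.exe /c \"C:\\Users\\Public\\shadow.bat\""}
{"host": "ws-014", "cmdline": "vssadmin.exe delete shadows /all /quiet"}
{"host": "srv-db1", "cmdline": "vssadmin list shadows"}
{"host": "srv-bk2", "cmdline": "wmic shadowcopy delete"}
{"host": "dev-07", "cmdline": "cmd.exe /c C:\\src\\archive.bat"}
{"host": "dev-07", "cmdline": truncated-line
'''

def scan(log_text):
    """Return {host: sorted rule names that fired}; unparsable lines are skipped."""
    hits = {}
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank or truncated line
        cmd = str(event.get("cmdline", "")) if isinstance(event, dict) else ""
        for name, pattern in RULES:
            if pattern.search(cmd):
                hits.setdefault(event.get("host", "unknown"), set()).add(name)
    return {host: sorted(names) for host, names in hits.items()}

def high_priority(hits):
    """Hosts where a named script coincides with another rule: triage these first."""
    return sorted(h for h, names in hits.items()
                  if "hive_script" in names and len(names) > 1)

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    print(found, high_priority(found))
```

Snapshot deletion on its own, as on the constructed host srv-bk2, can be legitimate administration, so it is reported but only escalated when it appears together with one of the named scripts.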

The FBI reports that some victims of Hive ransomware said the perpetrators contacted them, asking them to pay a ransom in exchange for the stolen files.

The FBI also notes that the group uses file sharing services, many of which are anonymous, such as Anonfiles, MEGA, Send.Exploit, Ufile and SendSpace.

Although first spotted in late June, Hive ransomware has already breached more than 30 organizations this summer, a figure which only includes victims who refused to pay the ransom.

The FBI recommends not paying ransomware groups, in order to discourage them from operating. In addition, there is no guarantee that the perpetrator will destroy the stolen data instead of selling it or giving it to third parties.

Whether or not the victim decides to pay the ransom, the FBI urges companies to report ransomware incidents, which gives investigators critical information to identify the attackers and hold them accountable for their actions.

Written by Anastasis Vasileiadis