The FBI has released information about Hive ransomware

The FBI has released some technical details related to Hive ransomware attacks.

The FBI even included the link to the leak site where the ransomware group posts data stolen from companies that did not pay a ransom.


Hive ransomware uses various concealment techniques and procedures, which make it very difficult for organizations to defend themselves against attacks, according to the FBI.

Among the methods the group uses to gain access to and hide within the network are malicious attachments and Remote Desktop Protocol (RDP) attacks.

Before encryption, Hive ransomware steals files deemed valuable, to pressure the victim into paying the ransom under threat of having the data published.

The FBI says that the ransomware searches for processes for creating copies, and for security solutions (such as Windows Defender) that would prevent the data encryption process, and terminates them.

This step is followed by a hive.bat script that runs a cleanup routine and deletes itself when its job is done.

Another script, shadow.bat, is responsible for deleting the copies, backup files and snapshots of the system, and is then deleted from the compromised server.
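For defenders, the run-then-remove behaviour of the two scripts can be hunted in endpoint telemetry. The sketch below is an added example, not code from the FBI or from this article: only the names hive.bat and shadow.bat come from the text, while the event schema, the ten-minute window, the severity labels and the sample events are assumptions constructed for illustration.

```python
import json
import re
from datetime import datetime, timedelta

# hive.bat and shadow.bat are the script names reported above; the event
# schema, window and severities are assumptions made for this example.
SCRIPT_RE = re.compile(r"(?<![\w.-])(?:hive|shadow)\.bat\b", re.IGNORECASE)
WINDOW = timedelta(minutes=10)

# Constructed sample events, one JSON object per line, sorted by time.
SAMPLE_EVENTS = r"""
{"ts":"2021-08-27T08:00:05","host":"srv01","event":"process_create","cmd":"cmd.exe /c C:\\Temp\\hive.bat"}
{"ts":"2021-08-27T08:00:40","host":"srv01","event":"file_delete","path":"C:\\Temp\\HIVE.BAT"}
{"ts":"2021-08-27T08:01:10","host":"srv01","event":"process_create","cmd":"cmd.exe /c C:\\Temp\\shadow.bat"}
{"ts":"2021-08-27T08:01:30","host":"srv01","event":"file_delete","path":"C:\\Temp\\shadow.bat"}
{"ts":"2021-08-27T09:15:00","host":"ws07","event":"process_create","cmd":"cmd.exe /c D:\\build\\archive.bat"}
{"ts":"2021-08-27T10:00:00","host":"ws09","event":"process_create","cmd":"cmd.exe /c shadow.bat"}
{"ts":"2021-08-27T10:30:00","host":"ws09","event":"file_delete","path":"C:\\Users\\dev\\shadow.bat"}
"""


def detect(lines):
    """Return sorted (host, script, severity) alerts.

    A script execution alone is "medium" (the names can be benign); it becomes
    "high" when the same script name is deleted on that host within WINDOW,
    which matches the run-then-remove behaviour described in the article.
    """
    first_run = {}  # (host, script) -> time of first execution
    alerts = {}     # (host, script) -> severity
    for line in lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        match = SCRIPT_RE.search(ev.get("cmd") or ev.get("path") or "")
        if not match:
            continue
        key = (ev["host"], match.group(0).lower())
        ts = datetime.fromisoformat(ev["ts"])
        if ev["event"] == "process_create":
            first_run.setdefault(key, ts)
            alerts.setdefault(key, "medium")
        elif ev["event"] == "file_delete" and key in first_run:
            if timedelta(0) <= ts - first_run[key] <= WINDOW:
                alerts[key] = "high"
    return sorted((host, script, sev) for (host, script), sev in alerts.items())


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS.splitlines()):
        print(alert)
```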

The FBI reports that some victims of Hive ransomware said that the perpetrator contacted them, asking them to pay a ransom in exchange for the stolen files.

It also notes that the group uses file sharing services, many of which are anonymous, such as Anonfiles, MEGA, Send.Exploit, Ufile and SendSpace.

Although first spotted in late June, Hive ransomware has already breached more than 30 organizations this summer, a count that includes only victims who have refused to pay a ransom.

The FBI recommends not paying ransomware groups, in order to discourage them from operating. In addition, there is no guarantee that the perpetrator will destroy the stolen data instead of selling it or giving it to third parties.

Whether or not the victim decides to pay the ransom, the FBI urges companies to report ransomware incidents, giving investigators critical information to help identify the attackers and hold them accountable for their actions.


Written by Anastasis Vasileiadis
