Begin typing your search above and press return to search.
proflie-avatar
Login
exit_to_app
Kamala or Trump?
access_time 5 Nov 2024 4:05 AM GMT
Break up or get dissolved
access_time 4 Nov 2024 4:01 AM GMT
Through oneness to autocracy
access_time 2 Nov 2024 4:58 AM GMT
In football too racism rules the roost
access_time 1 Nov 2024 4:26 AM GMT
The concerns raised by the census
access_time 31 Oct 2024 7:49 AM GMT
exit_to_app
Homechevron_rightTechnologychevron_rightWorldwide attack: Hive...

Worldwide attack: Hive ransomware hackers extorts $100 million from victims

text_fields
bookmark_border
Worldwide attack: Hive ransomware hackers extorts $100 million from victims
cancel

San Francisco: According to the warning released by the US government, the notorious Hive ransomware gang has extorted $100 million from around 1,300 companies worldwide.

"From June 2021 through at least November 2022, threat actors have used Hive ransomware to target a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information technology, and healthcare," said the joint advisory by the FBI, the US Cyber security and Infrastructure Security Agency, and the Department of Health and Human Services.

The attackers follow the ransomware as a service (RaaS) model which is subscription based and enables affiliates to use already developed ransomware tools to execute attacks.

The Hive actors have bypassed multi-factor authentication (MFA) and gained access to servers of the company by exploiting common vulnerabilities and exposures.

"This vulnerability enables a malicious cyber actor to log in without a prompt for the user's second authentication factor (FortiToken) when the actor changes the case of the username," according to the joint advisory.

Hive also attacked Indian power generation company Tata Power in October. The Mumbai based company had said that the attack impacted some of its IT systems.

Microsoft's Threat Intelligence Center (MSTIC) researchers have warned that Hive upgraded its malware, enabling it to use a more complex encryption method for its ransomware as a service payload.

"Hive actors negotiate ransom demands in US dollars, with initial amounts ranging from several thousand to millions of dollars. Hive actors demand payment in Bitcoin," according to the US advisory.

The advisory also warns that Hive actors re-infect the victims who restored their servers without paying a ransom either with Hive or other ransomware variants.

-IANS with Inputs

Show Full Article
TAGS:Cybersecurity#FBIHackingRansomware attacks
Next Story