A coordinated operation between Europol, FBI and German police took the cybercrime group offline

The darknet site of Hive, one of the biggest ransomware gangs in the world, has been closed since 26 January 2023. Its homepage now bears an image with the logos of the US Department of Justice, the US Secret Service, Europol, the FBI and German police.

It comes with this message: "This hidden site has been seized. The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware."

On the same day, the US Department of Justice and Europol confirmed they had seized Hive’s servers hosted in the United States. However, no information has been released as to the arrests of any gang members. The US Justice Department has said that the investigation to arrest them is ongoing.

Hive is a Ransomware as a Service (RaaS) group that rents its malware out to affiliates in exchange for a percentage of the ransoms paid. According to the FBI, since June 2021 it has extorted more than $100 million from over 1,000 victims worldwide. The FBI considers Hive to be one of the top five RaaS groups.

In France, Hive is responsible for spectacular attacks against Altice (parent company of SFR, BFM and RMC), Damart and Intersport. Its country of origin has never been confirmed, but there are indications that it is a Russian group.
