Hive ransomware

GPTKB entity

Statements (32)
Predicate Object
gptkbp:instanceOf malware
gptkbp:affects organizations worldwide
gptkbp:announced gptkb:US_Department_of_Justice
gptkbp:associatedWith Ransomware-as-a-Service (RaaS)
gptkbp:discoveredBy June 2021
gptkbp:distributedBy phishing emails
exploited vulnerabilities
remote desktop protocol (RDP) compromise
gptkbp:enemyOf data exfiltration
double extortion
encryption of files
https://www.w3.org/2000/01/rdf-schema#label Hive ransomware
gptkbp:language English
gptkbp:notableEvent FBI infiltrated Hive servers
FBI prevented $130 million in ransom payments
FBI provided decryption keys to victims
gptkbp:notableVictim gptkb:energy
gptkb:government_agency
healthcare organizations
gptkbp:platform gptkb:Windows
gptkb:Linux
gptkbp:publiclyAnnouncedDate January 26, 2023
gptkbp:ransomDemanded gptkb:cryptocurrency
gptkbp:ransomNoteFile HOW_TO_DECRYPT.txt
gptkbp:shutDownBy gptkb:FBI
gptkbp:shutDownDate January 2023
gptkbp:supportsAlgorithm gptkb:RSA
gptkb:ChaCha20
gptkbp:usesMalware malware
gptkbp:websiteTakenDownBy gptkb:law_enforcement
gptkbp:bfsParent gptkb:Conti_ransomware
gptkbp:bfsLayer 7