Hive was first discovered in June 2021 and is a collaborative variant of ransomware designed to target various sectors globally, including healthcare institutions, non-profit organizations, retailers, and more.
Its structure is built upon the Ransomware-as-a-Service (*1) model, allowing it to be utilized based on specific requirements.
The ransomware is developed using the GO language and compressed using UPX.
It employs AES + RSA encryption algorithms.
The typical modus operandi is “Double Extortion,” where sensitive data is not only encrypted but also threatened to be leaked.
The contact method used is Live Chat, an online chat system, which differs from the traditional method of using email.
According to Chainalysis’ statistical report, Hive ransomware ranked 8th in the list of the most profitable ransomware globally in 2021.
Since Hive ransomware is being rented out to others as a weapon, it comes as no surprise that it offers an attractive and user-friendly interface.
The dashboard provided to renters allows them to view statistics such as the number of businesses encrypted, the number of businesses that have paid, the total amount paid, and more.
This user-friendly interface enhances the efficiency of the rental process and makes it easier for attackers to carry out their malicious activities.
Hive Live Chat
Does it look very similar to a customer service personnel’s response interface?
Latest News
1.As of January 2022, there was news about South Korean researchers finding a way to reverse-engineer the Master Key. This development eliminates the need for hackers to possess the private keys.
The researchers discovered encryption vulnerabilities in the location where the Master Key is generated and stored.
Using this information, they were able to reverse-engineer and partially reconstruct the Master Key.
2.In January 2023, US officials announced a heartening piece of news. FBI Director stated during a press conference that since July 2022, the FBI had gained exceptional access to HIVE’s computer networks, allowing the bureau to provide victims with “private keys” preventing $130 million in ransom payments.
“Simply put, using lawful means, we hacked the hackers,”
var uagb_data = {"ajax_url":"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php","uagb_masonry_ajax_nonce":"b90f501051"};
var uagb_data = {"ajax_url":"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php","uagb_masonry_ajax_nonce":"b90f501051","uagb_grid_ajax_nonce":"ba32b183e3"};
( function() {
let elements = document.querySelectorAll( '.uagb-post-grid.uagb-block-404cea7c .uagb-post-pagination-wrap a' );
elements.forEach(function(element) {
element.addEventListener("click", function(event){
event.preventDefault();
const link = event.target.getAttribute('href').match( /\/page\/\d+\// )?.[0] || '';
const regex = /\d+/; // regular expression to match a number at the end of the string
const match = link.match( regex ) ? link.match( regex )[0] : 1; // match the regular expression with the link
const pageNumber = parseInt( match ); // extract the number and parse it to an integer
window.UAGBPostGrid._callAjax({"btnBorderStyle":"none","block_id":"404cea7c","excerptLength":30,"excludeCurrentPost":true,"paginationMarkup":"<span class=\"page-numbers current\">1<\/span>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/2\/?_locale=user\">2<\/a>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/3\/?_locale=user\">3<\/a>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/4\/?_locale=user\">4<\/a>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/5\/?_locale=user\">5<\/a>\n<span class=\"page-numbers dots\">...<\/span>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/7\/?_locale=user\">7<\/a>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/8\/?_locale=user\">8<\/a>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/9\/?_locale=user\">9<\/a>\n<a class=\"page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/10\/?_locale=user\">10<\/a>\n<a class=\"next page-numbers\" href=\"https:\/\/zyrastory.com\/wp-admin\/admin-ajax.php\/page\/2\/?_locale=user\">Next \u00bb<\/a>","btnBorderLink":true,"btnBorderRadiusLink":true,"overallBorderLink":true,"overallBorderRadiusLink":true,"inheritFromTheme":true,"postType":"post","postDisplaytext":"No post found!","taxonomyType":"category","postsToShow":6,"enableOffset":false,"postsOffset":0,"displayPostDate":true,"displayPostExcerpt":true,"displayPostAuthor":false,"displayPostTitle":true,"displayPostComment":true,"displayPostTaxonomy":false,"hideTaxonomyIcon":true,"taxStyle":"default","displayPostTaxonomyAboveTitle":"withMeta","displayPostImage":true,"imgSize":"large","imgPosition":"top","bgOverlayColor":"#000000","overlayOpacity":"50","displayPostLink":true,"newTab":false,"ctaText":"Read More","btnHPadding":"","btnVPadding":"","columns":3,"tcolumns":2,"mcolumns":1,"align":"left","width":"wide","order":"desc","orderBy":"date","rowGap":20,"rowGapTablet":20,"rowGapMobile":20,"columnGap":20,"bgType":"color","bgColor":"#f6f6f6","titleTag":"h4","titleFontSize":"","titleFontSizeType":"px","titleFontFamily":"","titleLineHeightType":"em","titleLoadGoogleFonts":false,"metaColor":"","highlightedTextColor":"#fff","highlightedTextBgColor":"#3182ce","metaFontSize":"","metaFontSizeType":"px","metaFontFamily":"","metaLineHeightType":"em","metaLoadGoogleFonts":false,"excerptColor":"","excerptFontSize":"","excerptFontSizeType":"px","excerptFontFamily":"","excerptLineHeightType":"em","excerptLoadGoogleFonts":false,"displayPostContentRadio":"excerpt","ctaBgType":"color","ctaBgHType":"color","ctaFontSize":"","ctaFontSizeType":"px","ctaFontFamily":"","ctaLineHeightType":"em","ctaLoadGoogleFonts":false,"paddingTop":20,"paddingBottom":20,"paddingRight":20,"paddingLeft":20,"contentPadding":20,"ctaBottomSpace":0,"ctaBottomSpaceTablet":0,"ctaBottomSpaceMobile":0,"imageBottomSpace":15,"titleBottomSpace":15,"metaBottomSpace":15,"excerptBottomSpace":25,"contentPaddingUnit":"px","rowGapUnit":"px","columnGapUnit":"px","excerptBottomSpaceUnit":"px","paginationSpacingUnit":"px","imageBottomSpaceUnit":"px","titleBottomSpaceUnit":"px","metaBottomSpaceUnit":"px","ctaBottomSpaceUnit":"px","paddingBtnUnit":"px","mobilePaddingBtnUnit":"px","tabletPaddingBtnUnit":"px","paddingUnit":"px","mobilePaddingUnit":"px","tabletPaddingUnit":"px","isPreview":false,"taxDivider":", ","titleLetterSpacing":"","titleLetterSpacingType":"px","metaLetterSpacing":"","metaLetterSpacingType":"px","ctaLetterSpacing":"","ctaLetterSpacingType":"px","excerptLetterSpacing":"","excerptLetterSpacingType":"px","useSeparateBoxShadows":true,"boxShadowColor":"#00000070","boxShadowHOffset":0,"boxShadowVOffset":0,"boxShadowBlur":"","boxShadowSpread":"","boxShadowPosition":"outset","boxShadowColorHover":"","boxShadowHOffsetHover":0,"boxShadowVOffsetHover":0,"boxShadowBlurHover":"","boxShadowSpreadHover":"","boxShadowPositionHover":"outset","borderWidth":"","borderStyle":"none","borderColor":"","borderRadius":"","blockName":"post-grid","equalHeight":true,"postPagination":false,"pageLimit":10,"paginationBgActiveColor":"#e4e4e4","paginationActiveColor":"#333333","paginationBgColor":"#e4e4e4","paginationColor":"#777777","paginationLayout":"filled","paginationBorderColor":"#888686","paginationBorderSize":1,"paginationSpacing":20,"paginationAlignment":"left","paginationPrevText":"\u00ab Previous","paginationNextText":"Next \u00bb","layoutConfig":[["uagb\/post-image"],["uagb\/post-taxonomy"],["uagb\/post-title"],["uagb\/post-meta"],["uagb\/post-excerpt"],["uagb\/post-button"]],"post_type":"grid","equalHeightInlineButtons":false,"imageRatio":"inherit","imgEqualHeight":false,"paginationType":"ajax","extended_widget_opts_block":{},"extended_widget_opts":{},"extended_widget_opts_state":"","extended_widget_opts_clientid":"","dateUpdated":""}, pageNumber, '404cea7c');
});
});
} )();
ai_front = {"insertion_before":"BEFORE","insertion_after":"AFTER","insertion_prepend":"PREPEND CONTENT","insertion_append":"APPEND CONTENT","insertion_replace_content":"REPLACE CONTENT","insertion_replace_element":"REPLACE ELEMENT","visible":"VISIBLE","hidden":"HIDDEN","fallback":"FALLBACK","automatically_placed":"Automatically placed by AdSense Auto ads code","cancel":"Cancel","use":"Use","add":"Add","parent":"Parent","cancel_element_selection":"Cancel element selection","select_parent_element":"Select parent element","css_selector":"CSS selector","use_current_selector":"Use current selector","element":"ELEMENT","path":"PATH","selector":"SELECTOR"};