Via a sophisticated “cyber stakeout,” the FBI pwned Hive, one of the most prolific and dangerous ransomware gangs on the web. While little is known about who is behind Hive or where the gang’s core members are located, we know one thing for sure: these guys are giant douchebags. This much is obvious because Hive has spent much of its cybercriminal career going after hospitals and medical organisations — even during the Covid-19 pandemic. Additionally, the gang has taken swings at a lot of big targets, going after large corporations, governments, and banks, with little concern for the fallout. Here’s a quick rundown on some of its activities.
1. Hacking a Costa Rican Public Health Agency
Known for going after health organisations, Hive took aim at one of Costa Rica’s public health agencies in 2022. The Costa Rican Social Security Fund (CCSS) was forced to take some of its computer systems offline, and the attack otherwise made a real mess of things for the country.
2. Crippling Europe’s Largest Tech Retailer
One of Hive’s most prominent victims was MediaMarkt, a large German chain of technology retail stores. The attack reportedly caused cash registers to malfunction and spurred disruptions at store locations in both Germany and the Netherlands. In exchange for the data, Hive operators demanded a ridiculously high ransom — $US240 million ($333 million).
3. Hacking an Ohio Healthcare System
The non-profit Memorial Healthcare System, a small network of hospitals in Ohio, fell victim to one of Hive’s attacks in the summer of 2021. The attack notably took place in the midst of the Covid-19 pandemic, when cases were particularly bad in Ohio. The attack also disrupted and delayed scheduled medical procedures. To add insult to injury, Bleeping Computer reported that Hive had stolen the personal information of some 200,000 patients.
4. Hacking One of Indonesia’s Largest Gas Suppliers
Another one of Hive’s victims was Perusahaan Gas Negara, or PGN, one of Indonesia’s large energy providers. In April of 2022, it was reported that Hive had hacked the oil company, and later likely leaked some 400 gigabytes of the firm’s data.
5. Hacking the Central Bank of Zambia (which replied with a dick pic)
Last year, it was reported that Hive had attacked the Bank of Zambia, which is the nation’s central bank. However, in a pretty hilarious turn of events, the bank refused to pay, instead sending a picture of a penis to the cybercriminals with a note that read: “Suck this dick and stop blocking banking networks.” They do things differently in Zambia, apparently. Take note, America!
6. Zapping an Entire Town in Spain
While not actually a town (its technical designation is an “autonomous community”), Navarra, Spain, is a beautiful place to visit, but it wasn’t so fun to live there after Hive attacked the community in May of 2022, forcing hundreds of organisations to take their IT systems offline.
7. Stealing Data on 270,000 People from a Louisiana Healthcare System
In late December, it was reported that Hive had attacked the Lake Charles Memorial Health System in Louisiana. While the healthcare provider was able to defend itself from the attack (given the FBI’s involvement in Hive’s network at this point, one would have to wonder if they helped out with that), Hive operators managed to access the data of 270,000 patients. No malware was ultimately deployed on the health system’s networks, however.