The Department of State has announced a reward offer of up to $10,000,000 for information leading to the identification and/or location of any individual who holds a key leadership position in the Hive ransomware variant transnational organized crime group. There is an additional reward of up to $5,000,000 for information leading to the arrest and/or conviction of any individual in any country conspiring to participate in or attempting to participate in Hive ransomware activity.
The Hive ransomware variant, first discovered in 2021, targeted victims in over 80 countries around the world, including hospitals, school districts, financial firms, and critical infrastructure, resulting in several multi-million dollar ransom payments.
Beginning in late July 2022, the FBI penetrated Hive’s computer networks, obtained its decryption keys, and offered them to victims worldwide, preventing victims from having to pay $130 million in ransoms demanded. After infiltrating Hive’s networks, the FBI provided over 300 decryption keys to Hive victims who were under attack. In addition, the FBI distributed over 1,000 additional decryption keys to previous Hive victims.
Ransomware is a type of malicious software, or malware, which prevents a user from accessing computer files, systems, or networks until a ransom is paid for their return. The Hive ransomware operated as a service wherein the extortion profit was shared between the ransomware owners, developers, and the affiliates that effectuated the computer intrusions and deployed the ransomware.
In January, the Department of Justice, in coordination with German law enforcement and the Netherlands National High Tech Crime Unit, seized control of the servers and websites that Hive uses to communicate with its members, disrupting Hive's ability to attack and extort victims.
If you have information on Hive leaders, please contact the FBI at +1-321-297-6292 on Signal or Telegram. All identities are kept strictly confidential.
“The Justice Department will spare no resource to identify and bring to justice, anyone, anywhere, who targets the United States with a ransomware attack,” said Attorney General Merrick Garland. “We will continue to work both to prevent these attacks and to provide support to victims who have been targeted. And together with our international partners, we will continue to disrupt the criminal networks that deploy these attacks.”