Dive Brief:
Dive Insight:
Hive first emerged in June of last year. By the third quarter of 2021, the group already was ranked as the fourth most active ransomware group by threat intelligence firm Intel 471. Group-IB Threat Intelligence analysts said in September that Hive had targeted more than 350 companies.
The group has multiple tactics, including phishing and compromising VPNs. It often sends a ransom note telling users not to delete or modify files and warning that if they go to the authorities the encryption key will be erased, according to the analysis.
Hive's encryption method prevents security researchers from seeing the ransom note and monitoring negotiations, the HHS said. Its ransomware moves laterally through a system and seeks out backups, shadow copies and snapshots while targeting antivirus software, according to the FBI.
Hospitals
Support the originator by clicking the read the rest link below.