According to security researchers who gathered data from Hive’s administrator panel, affiliates of the well-known ransomware group managed to breach over 350 organizations in only 4 months. This puts the average at 3 companies attacked per day, starting in June, when the gang’s operation was widely revealed.

Hive ransomware emerged on the 23rd of June with its first publicly known cyberattack, in which the gang hit the Canadian IT company Altus Group.

According to an analysis of the group by Group-IB researchers, it was initially unclear whether the Hive ransomware gang operated under a ransomware-as-a-service (RaaS) business model. In early September, however, a user under the nickname “kkk” replied on a thread about “reputable” ransomware programs, saying that they were in search of partners to join them, specifically partners who already had access to corporate networks. The message also gave details about how the ransom would be split: 80% for affiliates and the rest for the developers.

The researchers managed to capture a self-destructing note that provided technical data about the file-encrypting malware. Upon review, they identified that the RaaS operation the user was advertising was indeed related to Hive ransomware.