This article is more than 1 year old
Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA
New meaning to sweetening the pot
Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty.
The $10 million bounty is part of the US State Department's Rewards for Justice program, and in a Thursday tweet the agency sought tips for Hive members "acting under the direction or control of a foreign government." The notice also referenced the FBI's Hive website takedown, which the feds announced earlier that day.
"If you have information that links Hive or any other malicious cyber actors targeting US critical infrastructure to a foreign government, send us your tip via our Tor tip line. You could be eligible for a reward," it said.
FBI disrupts the Dark Web site of the Hive ransomware group.If you have information that links Hive or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government, send us your tip via our Tor tip line. You could be eligible for a reward. https://t.co/7Bqz0DUSCf pic.twitter.com/n8U3TNC7lh— Rewards for Justice (@RFJ_USA) January 26, 2023
Hive is a ransomware-as-a-service crew believed to have ties to Russia. Since it appeared in June 2021, this particular crime ring has hit more than 1,500 victims globally and extorted more than $100 million in ransom payments, according to the US government.
Earlier this week, the US and international law enforcement partners shut down Hive's ransomware infrastructure following a seven-month covert operation. During that time, the FBI hacked Hive's network and used that access to provide decryption keys to more than 300 victims, saving them $130 million in ransomware payments, we're told.
US Attorney General Merrick Garland, speaking to reporters about the Hive bust, said no arrests have been made, adding: "Our investigation into the criminal conduct of Hive members remains ongoing." When asked about Hive's connection to the Kremlin, Garland declined to answer, noting "we're in the middle of an ongoing investigation."
On Friday, Moscow's communications and IT regulator Roskomnadzor said it blocked US government websites and accused them of spreading lies about the Russian government and military.
In a statement provided to Russian media outlets, Roskomnadzor said it "restricted access to a number of resources belonging to state structures of hostile countries for distributing materials aimed at destabilizing the social and political situation in the Russian Federation."
- FBI smokes ransomware Hive after secretly buzzing around gang's network for months
- Hive ransomware crooks extort $100m from 1,300 global victims
- US reveals 'Target' pic of Conti man with $10m reward offer
- UK Cyber Security Centre's scary new story: One phish, two phish, Russia phish, Iran phish
These websites include the CIA, FBI and US State Department's Rewards for Justice.
"These resources revealed materials containing unreliable socially significant information, as well as discrediting the armed forces of the Russian Federation," the federal agency said.
The Rewards for Justice program has offered similar $10 million prizes for cybercriminals linked to Russia's Conti ransomware crew, GRU officers linked to the Kremlin-backed Sandworm gang, Russia's Internet Research Agency (IRA), businessman Yevgeniy Viktorovich Prigozhin, and any "linked Russian entities and associates for their engagement in US election interference."
The IRA is a Russian troll farm charged with interfering in the 2016 presidential election and is thought to have helped Donald Trump defeat Hillary Clinton, and Prigozhin was the alleged money man behind the operation. ®