The Hive Ransomware Group managed to accumulate US$130 million in ransom demands from more than 1,500 victims worldwide in its heyday. It trained its sights on hospitals, school districts, financial firms, and critical infrastructure until the U.S. Department of Justice (DOJ) disrupted its operations.[1] But have we seen the group’s demise?
Our indicator of compromise (IoC)[2] expansion analysis found more digital breadcrumbs, including:
- Six IP address resolutions of the domains identified as IoCs
- 936 domains that shared the IoCs’ IP hosts, six of which turned out to be malicious
- 28 domains that contained the string "privatlab", as two of the IoCs did, one of which was deemed malicious
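The three expansion steps listed above (resolve the seed IoCs to IPs, reverse-IP lookup for co-hosted domains, then search for the string shared by some IoCs) can be reproduced over any passive-DNS snapshot. The following is an added example, not code or data from the original post or from the Hive research itself: the seed domains, DNS records, IP addresses (documentation ranges) and the "malicious" verdict set are all constructed placeholders, and the function names are the author's own.

```python
"""IoC expansion over a constructed passive-DNS snapshot (added example).

Every domain, IP and verdict below is constructed sample data; in practice the
resolutions, reverse-IP results and verdicts would come from a passive-DNS
source and a reputation feed.
"""
from collections import defaultdict

# Constructed seed IoCs (placeholder names, not real Hive indicators).
SEED_DOMAINS = ["privatlab-example.test", "example-seed.test"]

# Constructed A-record snapshot: domain -> set of IPs (RFC 5737 test ranges).
DNS_RECORDS = {
    "privatlab-example.test": {"192.0.2.10"},
    "example-seed.test": {"192.0.2.10", "198.51.100.7"},
    "cohosted-one.test": {"192.0.2.10"},
    "cohosted-two.test": {"198.51.100.7"},
    "unrelated.test": {"203.0.113.5"},
    "privatlab-lookalike.test": {"203.0.113.5"},
}

# Constructed reputation verdicts (stand-in for a malware-check feed).
MALICIOUS = {"cohosted-two.test", "privatlab-lookalike.test"}


def resolve_seeds(seeds, records):
    """Step 1: collect the IP resolutions of the seed IoCs."""
    ips = set()
    for domain in seeds:
        ips |= records.get(domain, set())
    return ips


def reverse_ip(ips, records, exclude):
    """Step 2: reverse-IP lookup, i.e. every other domain sharing those hosts."""
    by_ip = defaultdict(set)
    for domain, addrs in records.items():
        for ip in addrs:
            by_ip[ip].add(domain)
    found = set()
    for ip in ips:
        found |= by_ip[ip]
    return found - set(exclude)


def string_search(needle, records, exclude):
    """Step 3: domains containing a string that the seed IoCs share."""
    return {d for d in records if needle in d} - set(exclude)


def expand(seeds, records, verdicts, needle):
    """Run the three steps and intersect each result with the verdict set."""
    ips = resolve_seeds(seeds, records)
    cohosted = reverse_ip(ips, records, seeds)
    matches = string_search(needle, records, seeds)
    return {
        "ips": ips,
        "cohosted": cohosted,
        "cohosted_malicious": cohosted & verdicts,
        "string_matches": matches,
        "string_malicious": matches & verdicts,
    }


if __name__ == "__main__":
    for key, value in expand(SEED_DOMAINS, DNS_RECORDS, MALICIOUS, "privatlab").items():
        print(f"{key}: {sorted(value)}")
```

Co-hosting on its own is weak evidence, since shared hosting puts unrelated domains on the same IP; that is why the expansion keeps the raw co-hosted and string-match sets separate from the subsets a reputation check actually flags, mirroring the "N found, M of which malicious" figures above.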
Download a sample of the threat research materials now or contact us to access the complete set of research materials.
—
- [1] https://flashpoint.io/blog/usa-doj-disrupts-hive-ransomware/
- [2] https://otx.alienvault.com/pulse/63d430d04ee4f7b89d28cc2a