The Fight against Hive Ransomware May Not Be Done as Yet-Unidentified Artifacts Show | WhoisXML API


In its heyday, the Hive Ransomware Group managed to accumulate US$130 million in ransom demands from more than 1,500 victims worldwide. The group trained its sights on hospitals, school districts, financial firms, and critical infrastructure until the U.S. Department of Justice (DOJ) disrupted its operations [1]. But have we seen the group’s demise?

Our indicator of compromise (IoC) [2] expansion analysis found more digital breadcrumbs, including:

  • Six IP address resolutions of the domains identified as IoCs
  • 936 domains that shared the IoCs’ IP hosts, six of which turned out to be malicious
  • 28 domains that contained the string “privatlab,” as two of the IoCs do, one of which was deemed malicious


  • [1] https://flashpoint.io/blog/usa-doj-disrupts-hive-ransomware/
  • [2] https://otx.alienvault.com/pulse/63d430d04ee4f7b89d28cc2a