Department of Justice Takes Down Hive, a Major Ransomware Group

The DOJ said it stopped victims, including hospitals, schools and infrastructure operators worldwide, from paying $130 million in ransom.

Andrew Blok Editor I
Andrew Blok is a former editor for CNET who covered home energy, with a focus on solar. As an environmental journalist, he navigates the changing energy landscape to help people make smart energy decisions. He's a graduate of the Knight Center for Environmental Journalism at Michigan State and has written for several publications in the Great Lakes region, including Great Lakes Now and Environmental Health News, since 2019. You can find him in western Michigan watching birds.
Expertise Solar providers and portable solar power; coffee makers, grinders and products Credentials
  • Master's degree in environmental journalism
Andrew Blok
smartphone with a keyhole lock

A major cybersecurity threat has been disabled, according to the Department of Justice.

Angela Lang/CNET

The Department of Justice has disrupted the operations of a ransomware group known as Hive, helping victims avoid $130 million in ransom payments, the agency said Thurday. 

Hive used a network of "affiliates" to extort hospitals, infrastructure operators, school districts, financial institutions and more in 80 countries around the world, according to the DOJ. Hive's malware would encrypt computer systems after affiliates stole sensitive documents. Affiliates would demand ransom for both the data and a decryption key.

Watch this: DOJ Stops Hive Ransomware Network

The Justice Department infiltrated the group starting in July 2022, according to a release.  

The DOJ said it has delivered decryption keys to 300 entities that were currently under attack and 1,000 decryption keys to previous victims of the group. Hive had targeted over 1,500 victims worldwide world since 2021, the department said.

Experts have warned that cyberattacks on critical infrastructure remain a serious threat. In 2021, a ransomware attack shut down the Colonial Pipeline for five days in the US and concern over gas shortages cause prices to jump.