.png)
The American FBI and Australian police have apprehended two individuals suspected of being linked to the Hive ransomware. Also known as Firebird, Hive has reportedly impacted more than 1500 victims, including MediaMarkt.
According to the country's police, one of the suspects is an Australian man believed to have been involved in the development of Hive. This individual allegedly marketed licenses for the remote access tool on a hacker forum. The other suspect, a 24-year-old American, is accused of promoting the malware online on behalf of the developer and assisting in its sale, as stated by the FBI. Additionally, he was responsible for providing customer support.
The Australian suspect is accused of activities such as creating, managing, and distributing 'data intended for use in committing computer crimes'. He could face a prison term of up to 36 years. On the other hand, the American suspect is facing charges related to advertising and distributing the malware, each carrying a maximum prison sentence of five years.
Hive ransomware enabled cybercriminals to remotely seize control of computers, enabling them to steal and encrypt sensitive information like login credentials. MediaMarkt in the Netherlands is one of the well-known victims of Hive, encountering an attack in November 2021. In the United States, Hive was implicated in attacks on hospitals among other targets. About a year ago, Europol disclosed that various law enforcement agencies, including the Dutch Police, cooperated to shut down the ransomware servers through a joint operation.
English (US)