Europol strikes a blow against cybercriminals in Ukraine

As of: November 28, 2023, 2:03 p.m.

They are said to be responsible for hundreds of cyberattacks and extortion cases attributed to the dismantled “Hive” network. Now investigators in Ukraine have arrested a suspected hacker leader and accomplices.

Investigators from Germany, the USA, Ukraine and other countries have arrested the 32-year-old alleged leader of a notorious hacker group and four of his main accomplices in Ukraine. According to the European police authority Europol, officers searched 30 properties in western and central Ukraine last week and apprehended the suspects.

The suspects are said to be responsible for several hundred of the most serious cyberattacks and extortion cases worldwide attributed to the “Hive” network, the Stuttgart public prosecutor’s office and the Reutlingen police headquarters said. Those arrested are also said to be behind two serious attacks in the Esslingen district and the Bodensee district in Baden-Württemberg as well as twelve other cases in Germany.

A high six-figure amount in cryptocurrency was seized from one of the accused. Initial analyses have confirmed that part of this sum comes from ransom payments made by attacked companies to the “Hive” group.

This global network of cybercriminals was dismantled ten months ago.

250 servers in 71 countries infected

With the help of the data and accounts secured at the time from “Hive” and its users, numerous security authorities from Europe and the USA conducted intensive investigations to identify the perpetrators operating on the Darknet. The Stuttgart public prosecutor’s office and the Reutlingen police said one lead pointed to several suspects in Ukraine, including the 32-year-old. He is said to have “a leading role” in a group that is behind “Hive”, among other things.

According to Europol, the hacker group attacked companies and other institutions in 71 countries and infected around 250 servers, resulting in losses amounting to several hundred million euros. According to this account, the actors specifically targeted large companies and paralyzed their operations.

In such attacks with so-called ransomware, hackers encrypt the data of affected companies, private individuals or authorities and then demand a ransom to release the data. “Hive” was a type of illegal service provider that made its ransomware available to hackers.

As Europol announced, international investigations into other suspects are ongoing.
