U.S. has announced a reward of up to $10 million for any information that can link to the Hive ransomware group. This comes after the FBI revelation that ransomware operations had extorted around $100 million from 1,500 companies since 2021. The State Department made the announcement on its Rewards for Justice Twitter account. It was to encourage anyone with information to come forward via their Tor tip line.

The reward for locating Hive ransomware group

The State Department’s Transnational Organized Crime Rewards Program (TOCRP) has been offering rewards of up to $15 million for tips. These tips can help locate members of the Conti, REvil (Sodinokibi), and Darkside ransomware operations. The program has paid out over $135 million in rewards since 1986.

The reward offer comes after the FBI successfully infiltrated the Hive ransomware’s servers at a hosting provider in California. It secretly monitored the operation for six months. Dutch police also gained access to the group’s backup servers hosted in the Netherlands. As a result of the operation, the FBI was able to warn targets of upcoming attacks. It distributes over 1,300 decryption keys to Hive victims, saving them at least $130 million in ransom payments. The FBI also discovered Hive’s communication records, malware file hashes, and information on 250 Hive affiliates.

On 26th Jan, the Justice Department made an announcement that Hive’s Tor websites seize. These were part of an international law enforcement operation. The gang’s Tor payment and data leak sites now display an animated seizure banner warning. It is for other ransomware gangs of this coordinated action and listing the law enforcement organizations and countries involved. The seizure notice reads, “This hidden site has been seized. The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware. United States Attorney’s Office in Florida help in this action. The Department of Justice’s Computer Crime and Intellectual Property Section with substantial assistance from Europol.

Us’s a message to threat actors

The State Department’s reward offer is a clear message to cybercriminals that the U.S. government is taking a strong stance against malicious cyber activities targeting U.S. critical infrastructure. The FBI’s successful infiltration of the Hive ransomware group and the international law enforcement operation to take down the group serves as a warning to other cybercriminals that the U.S. government will not tolerate such activities and will use all available resources to bring them to justice.

The State Department encourages anyone with information about the Hive ransomware group or other cybercriminals targeting U.S. critical infrastructure to come forward via their Tor-based tip line, Signal, Telegram, or WhatsApp. The U.S. government is committed to protecting U.S. citizens and businesses from cybercrime, and the TOCRP rewards program is an important tool in this effort. By offering significant rewards for information that can help disrupt and dismantle these criminal organizations. The U.S. government is sending a message that cybercrime will not be tolerated and that those who engage in such activities will be held accountable.