The US Department of State on Thursday announced a $10 million reward for information on leaders of the Hive ransomware cybergang.
The announcement comes roughly one year after law enforcement took down the Hive ransomware operation and seized the group’s Tor-based website.
Launched in June 2021, the Hive ransomware made over 1,500 victims. Its administrators and affiliates likely received over $100 million in ransom payments before the takedown.
In January 2023, the US government announced that more than a dozen law enforcement agencies, including Europol, Dutch and German authorities, and the US Secret Service, participated in the action against Hive.
The FBI said at the time that its agents hacked the group’s network in July 2022, obtaining decryption keys to help victims recover their data and preventing the cybercriminals from receiving up to $130 million in ransom demands.
At the time, the authorities said they were still working on identifying the malware developers, administrators, and other individuals involved in the Hive ransomware operation, reminding the public of a $10 million reward offer for information on cybercriminals.
On Thursday, the US announced a $10 million reward for Hive leaders, and a $5 million reward for information leading to the arrest and/or conviction of any individual linked to the Hive ransomware operation.
“Today, the Department of State is announcing a reward offer of up to $10,000,000 for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the Hive ransomware variant transnational organized crime group,” the announcement reads.
According to KnowBe4 evangelist Roger Grimes, while this type of rewards should at least make cybercriminals uncomfortable when meeting new people, their effectiveness has yet to be proven.
“I’ve been in cybersecurity for over 35 years and have seen perhaps nearly a dozen rewards offered for various malware writers and ransomware gangs, and I don’t think I know of a cybersecurity ransom that has been paid,” Grimes said in an emailed comment.
Most often, he pointed out, the culprits live in countries that do not cooperate with the US, where they can also pay local authorities for protection, or where their actions are encouraged or supported by the nation’s leaders.
“So, I don’t think rewards by themselves work that well, at least alone. But any pressure we can put on malicious hackers to not do what they do, or at least as much, is a good thing,” Grimes concluded.