Security Experts:

Connect with us

Hi, what are you looking for?



US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive operation.

Hive Ransomware Shutdown

Following the shutdown of the Hive ransomware operation by law enforcement, the US government has reminded the public that a reward of up to $10 million is offered for information on cybercriminals.

Authorities in the United States and Europe announced on Thursday the results of a major law enforcement operation targeting the Hive ransomware. More than a dozen agencies collaborated to take down the Tor-based leak website used by the group and other parts of its infrastructure, including servers located in Los Angeles.

The FBI revealed that Hive’s ‘control panel’ was hacked by agents in July 2022, allowing them to identify targets and obtain decryption keys that allowed victims to recover encrypted files. The FBI and Europol said they prevented the payment of more than $130 million to the cybercriminals. 

The Hive ransomware operation was launched in June 2021 and it has since made more than 1,500 victims across roughly 80 countries. It’s believed that administrators and affiliates made approximately $100 million from ransom payments. 

Authorities continue to investigate Hive in an effort to identify the threat actors involved in the operation, including developers, administrators and affiliates. 

After the operation against Hive was announced on Thursday, the US State Department reiterated that it’s prepared to pay up to $10 million for information on the identity or location of foreign state-sponsored threat actors that have targeted critical infrastructure. This includes individuals linked to Hive. 

At least some of the people involved in the Hive ransomware operation are believed to be Russian speakers. However, during a press conference announcing the law enforcement operation against Hive on Thursday, US officials refused to comment on potential ties to Russia, citing the ongoing investigation. 

The US government previously reiterated its $10 million reward offer for leaders of the Conti ransomware operation, North Korean hackers, Russian intelligence officers, and DarkSide ransomware operators.

Related: US Government Shares Photo of Alleged Conti Ransomware Associate

Related: US Offers $10 Million Reward Against Election Interference

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Dole was forced to shut down systems in North America due to a ransomware attack, which has reportedly led to salad shortages in some...


More than 3,800 servers around the world have been compromised in recent ESXiArgs ransomware attacks, which also include an improved process.


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.