Uncle Sam Sweetens The Pot With $15M Bounty On Hive Ransomware Gang Members

The US government has placed an extra $5 million bounty on Hive ransomware gang members – its second such reward in a year. And it also comes a little over 11 months since the FBI said it had shut down the criminal organization's network.

On Thursday, the State Department reaffirmed it will pay up to $10 million for information leading to the identification and/or location of anyone holding or held "key" leadership positions in the organized crime crew. The FBI has also put up an additional $5 million award for information leading to the arrest and/or conviction of any person "conspiring to participate in or attempting to participate in Hive ransomware activity."

The multi-million-dollar rewards come a little more than a year after the FBI, working with international law enforcement, seized control of the gang's servers and websites following a seven-month covert surveillance operation.

The FBI was as a result ultimately able to provide decryption keys to more than 1,300 current and previous victims of Hive around the globe, saving them a collective $130 million in ransomware payments and "crippling Hive's ability to sting again," FBI director Christopher Wray boasted at the time.

A few days later, the State Department offered a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, even seeking information on Hive members "acting under the direction or control of a foreign government."

The crew, which appeared in 2021, is believed to have ties to the Russian state.

• FBI smokes ransomware Hive after secretly buzzing around gang's network for months
• Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA
• As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?
• New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies

Despite this and other high-profile take-downs of cyber-gangs, online crooks continue to make a killing from their extortion demands, with dozens of newbies entering the fray last year alone.

Chainalysis, in its 2023 review published this week, estimated that ransomware crews raked in more than $1 billion in extorted cryptocurrency payments from victims last year, compared to $567 million in 2022.

The cryptocurrency analytics firm also noted that the Hive takedown likely played a non-trivial role in the 2022 drop in ransomware payments, which otherwise have been escalating since 2019.

The FBI's $130 million estimate "may not tell the whole story," the report noted, because it only takes into account ransoms directly averted by the decryptor keys. For its part, Chainalysis reckoned the Hive bust more likely averted at least $210.4 million in ransomware payments. 

"During the six months the FBI infiltrated Hive, total ransomware payments across all strains hit $290.35 million," Chainalysis observed. "But our statistical models estimate an expected total of $500.7 million during that time period, based on attacker behavior in the months before and after the infiltration – and that's a conservative estimate." ®