A Russian national suspected of possessing thousands of dollars stolen from the French victims of Hive ransomware was arrested in Paris last week.
While searching his phone, the police seized more than €570,000 in cryptocurrency assets that he allegedly helped steal.
Little was publicized about the suspect except that he is a Russian national, around 40 years old, and lives in Cyprus, according to reporting from French newspaper Le Figaro.
Before its infrastructure was shut down in January, Hive was used to compromise and encrypt data and computer systems of large tech and oil companies, as well as hospitals in Europe and the U.S. Since 2021, it targeted over 1,500 companies worldwide, which lost more than $100 million in ransom payments.
In France, Hive had nearly 60 victims, including the National School of Civil Aviation and several local government services and town halls.
When the victims paid, the ransom was split between affiliates, who received 80%, and developers, who received 20%. During the operation against Hive in January, law enforcement identified the ransomware's decryption keys and shared them with many victims, helping them regain access to their data without paying the cybercriminals.
This effort helped save $130 million in ransom payments.
Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine.
She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia.
She previously was a tech reporter for Forbes Ukraine.
Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
This Cyber News was published on therecord.media. Publication date: Wed, 13 Dec 2023 18:55:21 +0000