hive

1 incident | 0 countries | 1 sector | ransomware | RU | Latest: 2026-06-25
Hive emerged in June 2021 as a Ransomware-as-a-Service (RaaS) operation, rapidly gaining prominence for its aggressive tactics and high-profile attacks, particularly targeting healthcare and public health (HPH) entities. The group is assessed with moderate confidence to be of Russian or Eastern European origin, with some members having previously been associated with the Conti ransomware group. Its primary motivation is financial gain through a double extortion model. What sets Hive apart is its rapid evolution, including a shift in 2022 from GoLang to Rust programming for its ransomware, and its ultimate disruption in January 2023 by an unprecedented FBI infiltration operation that successfully provided decryption keys to victims, averting significant ransom payments.
Associated malware
OSX_OCEANLOTUS.D
MITRE techniques
T1059, T1203, T1104, T1087, T1082, T1543
Related CVEs
CVE-2023-40044, CVE-2023-3519, CVE-2023-3284, CVE-2022-41082, CVE-2022-41080, CVE-2022-41040

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms claimed: N/A
Payments detected: N/A

Target countries (SOCRadar)

United Arab Emirates, Argentina, Austria, Australia, Belgium, Bulgaria, Brazil, Belarus, Canada, Switzerland

Sectors attacked

Healthcare (1)

Target sectors (SOCRadar)

Construction of Buildings, Food Manufacturing, Other Information Services, Monetary Authorities-Central Bank, Software Publishers, Real Estate, Hospitals, Enterprises & Holding, Accommodation, Air Transportation

New URLs detected in IntelTracker

ransomware.anggipradana.com