SYMBOL | COMMON_NAME | aka. SYNONYMS
elf.hive

Hive


There is no description at this point.

References
2023-05-16 | KrebsOnSecurity | Brian Krebs
% KrebsOnSecurity article published 2023-05-16, retrieved 2023-05-21.
@online{krebs:20230516:russian:b526450,
  author       = {Krebs, Brian},
  title        = {{Russian Hacker “Wazawaka” Indicted for Ransomware}},
  date         = {2023-05-16},
  organization = {KrebsOnSecurity},
  url          = {https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/},
  urldate      = {2023-05-21},
  language     = {English},
}
Russian Hacker “Wazawaka” Indicted for Ransomware
Babuk Hive LockBit LockBit Babuk Hive LockBit
2022-11-28 | Github (reecdeep) | reecdeep
% GitHub repository holding a proof-of-concept file decryptor for HiveV5; the author is a handle, kept as a single name token.
@online{reecdeep:20221128:hivev5:ddd645c,
  author       = {reecdeep},
  title        = {{HiveV5 file decryptor PoC}},
  date         = {2022-11-28},
  organization = {Github (reecdeep)},
  url          = {https://github.com/reecdeep/HiveV5_file_decryptor},
  urldate      = {2022-12-29},
  language     = {English},
}
HiveV5 file decryptor PoC
Hive Hive
2022-09-28 | vmware | Giovanni Vigna
% VMware security blog post, part 1, covering ransomware families that target ESXi virtual machines.
@online{vigna:20220928:esxitargeting:bd1ce9a,
  author       = {Vigna, Giovanni},
  title        = {{ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)}},
  date         = {2022-09-28},
  organization = {vmware},
  url          = {https://blogs.vmware.com/security/2022/09/esxi-targeting-ransomware-the-threats-that-are-after-your-virtual-machines-part-1.html},
  urldate      = {2022-10-10},
  language     = {English},
}
ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil
2022-08-22 | Microsoft | Microsoft
% Microsoft publication on the ransomware business model. The URL is an opaque CMS binary link, so the title is the only human-readable locator.
@online{microsoft:20220822:extortion:67c26d4,
  author       = {Microsoft},
  title        = {{Extortion Economics - Ransomware’s new business model}},
  date         = {2022-08-22},
  organization = {Microsoft},
  url          = {https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE54L7v},
  urldate      = {2022-08-31},
  language     = {English},
}
Extortion Economics - Ransomware’s new business model
BlackCat Conti Hive REvil AgendaCrypt Black Basta BlackCat Brute Ratel C4 Cobalt Strike Conti Hive Mount Locker Nokoyawa Ransomware REvil Ryuk
2022-07-26 | Yoroi | Luigi Martire, Carmelo Ragusa
% Yoroi research web page on Hive ransomware, retrieved 2022-07-28.
@online{martire:20220726:footsteps:cd2ba49,
  author       = {Martire, Luigi and Ragusa, Carmelo},
  title        = {{On the FootSteps of Hive Ransomware}},
  date         = {2022-07-26},
  organization = {Yoroi},
  url          = {https://yoroi.company/research/on-the-footsteps-of-hive-ransomware/},
  urldate      = {2022-07-28},
  language     = {English},
}
On the FootSteps of Hive Ransomware
Hive Hive
2022-07-22 | Yoroi | Luigi Martire, Carmelo Ragusa
% Yoroi PDF report on Hive ransomware, retrieved 2022-07-28.
@techreport{martire:20220722:footsteps:138e516,
  author      = {Martire, Luigi and Ragusa, Carmelo},
  title       = {{On The Footsteps of Hive Ransomware}},
  date        = {2022-07-22},
  institution = {Yoroi},
  url         = {https://yoroi.company/wp-content/uploads/2022/07/Yoroi-On-The-Footsteps-of-Hive-Ransomware.pdf},
  urldate     = {2022-07-28},
  language    = {English},
}
On The Footsteps of Hive Ransomware
Hive Hive
2022-06-23 | Kaspersky | Nikita Nazarov, Vasily Davydov, Natalya Shornikova, Vladislav Burtsev, Danila Nasonov
% Kaspersky PDF report on the TTPs of modern ransomware groups, retrieved 2022-06-27.
@techreport{nazarov:20220623:hateful:bae0681,
  author      = {Nazarov, Nikita and Davydov, Vasily and Shornikova, Natalya and Burtsev, Vladislav and Nasonov, Danila},
  title       = {{The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs}},
  date        = {2022-06-23},
  institution = {Kaspersky},
  url         = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/06/23093553/Common-TTPs-of-the-modern-ransomware_low-res.pdf},
  urldate     = {2022-06-27},
  language    = {English},
}
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok
2022-06-15 | ThreatStop | Ofir Ashman
% ThreatStop blog post on ransomware incidents in Costa Rica, retrieved 2022-06-27.
@online{ashman:20220615:first:a157972,
  author       = {Ashman, Ofir},
  title        = {{First Conti, then Hive: Costa Rica gets hit with ransomware again}},
  date         = {2022-06-15},
  organization = {ThreatStop},
  url          = {https://www.threatstop.com/blog/first-conti-then-hive-costa-rica-gets-hit-with-ransomware-again},
  urldate      = {2022-06-27},
  language     = {English},
}
First Conti, then Hive: Costa Rica gets hit with ransomware again
Conti Hive Conti Hive
2022-05-09 | Microsoft | Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
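% Microsoft security blog post on ransomware-as-a-service, retrieved 2022-05-17.
% Both authors are organisations, so each is wrapped in its own brace group and
% kept whole instead of being split into first and last name parts. The citation
% key is left as published so that existing citations still resolve.
@online{team:20220509:ransomwareasaservice:13ec472,
  author       = {{Microsoft 365 Defender Threat Intelligence Team} and {Microsoft Threat Intelligence Center (MSTIC)}},
  title        = {{Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself}},
  date         = {2022-05-09},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself},
  urldate      = {2022-05-17},
  language     = {English},
}
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself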
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-04-01 | Bleeping Computer | Lawrence Abrams
% Bleeping Computer "The Week in Ransomware" article dated 2022-04-01, retrieved 2022-04-05.
@online{abrams:20220401:week:14d9669,
  author       = {Abrams, Lawrence},
  title        = {{The Week in Ransomware - April 1st 2022 - 'I can fight with a keyboard'}},
  date         = {2022-04-01},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-1st-2022-i-can-fight-with-a-keyboard/},
  urldate      = {2022-04-05},
  language     = {English},
}
The Week in Ransomware - April 1st 2022 - 'I can fight with a keyboard'
Hive Dharma LockBit STOP SunCrypt
2022-03-30 | The Record | Jonathan Greig
% The Record news article on a Hive ransomware incident at a California health care organization.
@online{greig:20220330:hive:b23a103,
  author       = {Greig, Jonathan},
  title        = {{Hive ransomware shuts down California health care organization}},
  date         = {2022-03-30},
  organization = {The Record},
  url          = {https://therecord.media/hive-ransomware-shuts-down-california-health-care-organization/},
  urldate      = {2022-03-31},
  language     = {English},
}
Hive ransomware shuts down California health care organization
Hive Hive
2022-03-27 | Bleeping Computer | Lawrence Abrams
% Bleeping Computer article on Hive's Linux VMware ESXi encryptor being ported to Rust.
@online{abrams:20220327:hive:4b2408f,
  author       = {Abrams, Lawrence},
  title        = {{Hive ransomware ports its Linux VMware ESXi encryptor to Rust}},
  date         = {2022-03-27},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/hive-ransomware-ports-its-linux-vmware-esxi-encryptor-to-rust/},
  urldate      = {2022-03-29},
  language     = {English},
}
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
BlackCat Hive Hive
2022-03-18 | Trend Micro | Trend Micro Research
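% Trend Micro "Ransomware Spotlight" page on Hive, retrieved 2022-03-28.
% The author is an organisation, so it is double-braced and kept as one name
% instead of being split into first and last name parts. The citation key is
% left as published so that existing citations still resolve.
@online{research:20220318:ransomware:db77bd2,
  author       = {{Trend Micro Research}},
  title        = {{Ransomware Spotlight: Hive}},
  date         = {2022-03-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-hive},
  urldate      = {2022-03-28},
  language     = {English},
}
Ransomware Spotlight: Hive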
Hive Hive
2022-02-24 | LIFARS | Vlad Pasca
% LIFARS write-up on decrypting files encrypted by Hive ransomware, of use for incident recovery.
@online{pasca:20220224:how:77b74bc,
  author       = {Pasca, Vlad},
  title        = {{How to Decrypt the Files Encrypted by the Hive Ransomware}},
  date         = {2022-02-24},
  organization = {LIFARS},
  url          = {https://lifars.com/2022/02/how-to-decrypt-the-files-encrypted-by-the-hive-ransomware/},
  urldate      = {2022-03-01},
  language     = {English},
}
How to Decrypt the Files Encrypted by the Hive Ransomware
Hive Hive
2022-02-21 | Security Affairs | Pierluigi Paganini
% Security Affairs article on a flaw in Hive's encryption algorithm that allows file recovery.
@online{paganini:20220221:flaw:0b723b0,
  author       = {Paganini, Pierluigi},
  title        = {{A flaw in the encryption algorithm of Hive Ransomware allows retrieving encrypted files}},
  date         = {2022-02-21},
  organization = {Security Affairs},
  url          = {https://securityaffairs.co/wordpress/128232/security/recover-files-hive-ransomware.html},
  urldate      = {2022-02-26},
  language     = {English},
}
A flaw in the encryption algorithm of Hive Ransomware allows retrieving encrypted files
Hive Hive
2022-02-19 | The Hacker News | Ravie Lakshmanan
% The Hacker News article on retrieving Hive's master key through a flaw in its encryption algorithm.
@online{lakshmanan:20220219:master:8d77715,
  author       = {Lakshmanan, Ravie},
  title        = {{Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm}},
  date         = {2022-02-19},
  organization = {The Hacker News},
  url          = {https://thehackernews.com/2022/02/master-key-for-hive-ransomware.html},
  urldate      = {2022-02-26},
  language     = {English},
}
Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm
Hive Hive
2022-02-18 | The Record | Catalin Cimpanu
% The Record article on an academic method for recovering data encrypted by Hive.
@online{cimpanu:20220218:academics:d2f3045,
  author       = {Cimpanu, Catalin},
  title        = {{Academics publish method for recovering data encrypted by the Hive ransomware}},
  date         = {2022-02-18},
  organization = {The Record},
  url          = {https://therecord.media/academics-publish-method-for-recovering-data-encrypted-by-the-hive-ransomware/},
  urldate      = {2022-02-19},
  language     = {English},
}
Academics publish method for recovering data encrypted by the Hive ransomware
Hive Hive
2022-02-18 | Kookmin University | Giyoon Kim, Soram Kim, Soojin Kang, Jongsung Kim
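% Kookmin University paper describing a method for decrypting data encrypted by Hive.
% The arXiv identifier from the URL is also recorded in eprint/eprinttype, so the
% paper stays resolvable if the direct PDF link changes.
@techreport{kim:20220218:method:4b41876,
  author      = {Kim, Giyoon and Kim, Soram and Kang, Soojin and Kim, Jongsung},
  title       = {{A Method for Decrypting Data Infected with Hive Ransomware}},
  date        = {2022-02-18},
  institution = {Kookmin University},
  eprint      = {2202.08477},
  eprinttype  = {arXiv},
  url         = {https://arxiv.org/pdf/2202.08477.pdf},
  urldate     = {2022-02-19},
  language    = {English},
}
A Method for Decrypting Data Infected with Hive Ransomware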
Hive Hive
2021-12-09 | Group-IB | Dmitry Shestakov, Andrey Zhdanov
% Group-IB blog analysis of the Hive RaaS operation and its latest samples, retrieved 2022-01-24.
@online{shestakov:20211209:inside:2dc8bd6,
  author       = {Shestakov, Dmitry and Zhdanov, Andrey},
  title        = {{Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples}},
  date         = {2021-12-09},
  organization = {Group-IB},
  url          = {https://blog.group-ib.com/hive},
  urldate      = {2022-01-24},
  language     = {English},
}
Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples
Hive Hive
2021-12-03 | Github (rivitna) | Andrey Zhdanov
% GitHub repository directory with a Hive demo and indicators of compromise, retrieved 2021-12-22.
@online{zhdanov:20211203:hive:7d25585,
  author       = {Zhdanov, Andrey},
  title        = {{Hive Demo and IoCs}},
  date         = {2021-12-03},
  organization = {Github (rivitna)},
  url          = {https://github.com/rivitna/Malware/tree/main/Hive},
  urldate      = {2021-12-22},
  language     = {English},
}
Hive Demo and IoCs
Hive Hive
2021-11-02 | Twitter (@malwrhunterteam) | malwrhunterteam
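% Tweet about the Linux version of Hive and the command it uses to shut down ESXi VMs.
% The title is double-braced and printed verbatim, so its spelling is corrected
% here ("Linux", "ESXi"). The author is a handle, kept as a single name token.
@online{malwrhunterteam:20211102:linux:df56e42,
  author       = {malwrhunterteam},
  title        = {{Tweet on Linux version of Hive Ransomware group's command to shut down ESXi VMs}},
  date         = {2021-11-02},
  organization = {Twitter (@malwrhunterteam)},
  url          = {https://twitter.com/malwrhunterteam/status/1455628865229950979},
  urldate      = {2021-11-17},
  language     = {English},
}
Tweet on Linux version of Hive Ransomware group's command to shut down ESXi VMs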
Hive
2021-10-29 | Twitter (@ESETresearch) | ESET Research
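% Tweet on the FreeBSD and Linux versions of Hive ransomware, retrieved 2021-11-03.
% The author is an organisation, so it is double-braced and kept as one name
% instead of being split into first and last name parts. The verbatim title's
% "LInux" typo is corrected. The citation key is left as published so that
% existing citations still resolve.
@online{research:20211029:freebsd:f994b0c,
  author       = {{ESET Research}},
  title        = {{Tweet on FreeBSD and Linux version of Hive ransomware}},
  date         = {2021-10-29},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1454100591261667329},
  urldate      = {2021-11-03},
  language     = {English},
}
Tweet on FreeBSD and Linux version of Hive ransomware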
Hive

There is no Yara-Signature yet.