The Hive group operates by encrypting the data stored on compromised computers and subsequently extorting victims for cryptocurrency payments in exchange for the decryption keys. In France, more than 60 companies and individuals fell victim to this ransomware, including Altice, Damart, and certain government departments.
Reports from radio RMC.BFMTV reveal that the Russian suspect, a resident of Cyprus in his forties, was taken into custody upon his arrival in Paris. The authorities also conducted a search of his residence in Cyprus, uncovering a significant sum of money in different types of cryptocurrency.
French financial intelligence agents were able to track the flow of cryptocurrency from the affected companies to the suspect’s digital wallets. This allowed them to identify a member of the Hive hacker group and apprehend him while he was in Paris.
Curiously, the Russian embassy in Paris was not officially notified of the arrest, and embassy staff only became aware of it through media reports.
It is worth noting that the Hive hackers targeted more than 1,500 companies and institutions worldwide and amassed over $100 million in ill-gotten gains. However, in January of this year, the group was dismantled through a collaborative effort involving the FBI, German law enforcement, and their Dutch counterparts.