The spread of ransomware has become one of the major sources of cyber risk in recent years. Once installed on a machine, this type of malware encrypts the victim's files and demands a ransom for the decryption key needed to regain access to the locked assets. The cost required for data recovery is very high, and many companies do not have the funds to pay it. In this paper, we analyze the Hive ransomware (versions v5, v5.1 and v5.2) and study its vulnerabilities in the generation of the private key used for encrypting the master key. By using these weaknesses, we provide a tool for all companies infected with this type of malware so that they can recover their data without paying the ransom.
Exploitation of the Vulnerabilities of Hive Ransomware for Finding the Private Key