FBI Seizes $500K USD in Crypto From North Korean Hackers
The group was responsible for targeting US healthcare providers.
The Department of Justice (DOJ) announced Tuesday, July 19, that the FBI had seized nearly half a million USD in cryptocurrency from North Korean hackers. Some of the funds were made up of ransoms that were paid by victimized health care providers in Kansas and Colorado. It is reported that the recovered funds will be returned to the victims.
Today, @TheJusticeDept released a civil forfeiture complaint against the North Korean state-sponsored cyber actors responsible for using Maui ransomware to target health care and public health care sector organizations. Read more at https://t.co/JaUWwYL86U. @FBIKansasCity
— FBI (@FBI) July 19, 2022
“Thanks to rapid reporting and cooperation from a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as ‘Maui,’” said Deputy Attorney General Lisa O. Monaco, adding that “not only did this allow us to recover their ransom payment as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified ransomware strain. The approach used in this case exemplifies how the Department of Justice is attacking malicious cyber activity from all angles to disrupt bad actors and prevent the next victim.”
The DOJ’s Office of Public Affairs shared that the North Korean hacker’s attack on a medical center in Kansas took place in May of 2021. In the attack, hackers used ransomware called “Maui” to encrypt the files and servers of the medical center. The Kansas hospital was then forced into paying a ransom of $100,000 USD in Bitcoin after their systems were made inoperable for over a week.
The Hospital quickly reached out to the FBI and because of this, the agency was able to identify the ransomware and trace the funds to China-based money launderers.
Nearly a year later the FBI observed a Bitcoin payment of $120,000 USD being sent to one of the seized crypto accounts which was identified due to its involvement with the prior Kansas hospital exploit. This time it was from a medical provider in Colorado who had fallen victim to the same “Maui” ransomware.
As of May 2022, the FBI seized the contents of two cryptocurrency accounts and the District of Kansas began proceedings to forfeit the hackers’ funds.
The FBI has also been actively growing its cyber enforcement arm and just recently issued a warning to financial institutions and investors that fraudulent crypto investment applications have been circling. The agency reports that nearly $42.7 million USD has been stolen through this scheme.
The #FBI warns financial institutions and investors about cybercriminals creating fraudulent cryptocurrency investment applications to defraud cryptocurrency investors. This scheme has resulted in an estimated $42.7 million in losses to date. Read more at https://t.co/ClCBP5uwAw. pic.twitter.com/Ro9GfIzT8n
— FBI (@FBI) July 20, 2022
The DOJ and FBI have asked that victims of such attacks reach out and keep a clear line of communication to help stop future occurrences of the crimes.
“Reporting cyber incidents to law enforcement and cooperating with investigations not only protects the United States, it is also good business,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division.
In other news, Luana Pinheiro becomes the first female UFC fighter to receive a salary in Bitcoin.