- The Justice Department announced today it was able to seize half a million dollars from North Korean hackers.
- The group had used a new strain of ransomware, “Maui,” to freeze the servers of two U.S. hospitals, which had to pay out $100,000 and $120,000 in Bitcoin to regain access to their computers.
- North Korean hacking syndicates have been particularly effective at finding exploits in the crypto ecosystem; at the beginning of the year the state-sponsored Lazarus Group exploited the Ronin bridge for $551.8 million.
Share this article
The U.S Justice Department has seized and returned almost half a million dollars to two hospitals in Kansas and Colorado that were stolen by North Korean Hackers. The medical centers were victims of ransomware attacks in May 2021 and April 2022 and paid their ransoms in Bitcoin.
Justice Department Seizes Illicit Funds
The United States is fighting back against North Korean cyber attacks.
The Department of Justice (DOJ) announced today that it had retrieved about $500,000 from North Korean hackers. The seized funds have been returned to the health care providers from which they were originally taken.
According to the statement, in May 2021 and April 2022, state-sponsored North Korean hackers deployed a new strain of ransomware called “Maui” to lock the servers of two hospitals in Kansas and Colorado. The medical centers had to respectively pay ransoms of approximately $100,000 and $120,000 in Bitcoin to the cyber criminals to regain use of their computers.
The Kansas hospital contacted the Federal Bureau of Investigation, which was then able to trace the cryptocurrency ransom to money launderers in China. In May 2022, the FBI managed to gain access to the receiving accounts, seize the funds, and eventually return the money to the victim institutions.
“Reporting cyber incidents to law enforcement and cooperating with investigations not only protects the United States, it is also good business,” stated Assistant Attorney General Matthew G. Olsen. “The reimbursement to these victims of the ransom shows why it pays to work with law enforcement.”
It is not clear where the extra $280,000 seized came from, nor is it clear how Bitcoin’s price changes affected the overall amount seized. The statement also did not mention any arrests.
North Korean hackers have been an active force in the cryptocurrency space. At the beginning of the year the state-sponsored hacker syndicate Lazarus Group exploited the Ronin bridge for over $551.8 million; prominent members of the crypto space believe that all prominent crypto organizations should be considered targets.
Disclaimer: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.