Security News > 2022 > July > FBI recovers $500,000 healthcare orgs paid to Maui ransomware
The U.S. Department of Justice has announced the seizure of approximately $500,000 in Bitcoin, paid by American health care providers to the operators of the Maui ransomware strain.
At the start of this month, Maui was highlighted by the FBI and CISA as a new North Korean-backed ransomware operation extorting western organizations with encryption attacks.
The particular ransomware operation demonstrated an inclination towards healthcare and public health organizations in its targeting, causing life-threatening service outages.
"Not only did this allow us to recover their ransom payment as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified ransomware strain."
The Kansas hospital had paid approximately $100,000 to the Maui ransomware gang in May 2021 to restore its IT network following a data-encrypting cyberattack.
Recovery of $4,400,000 paid by Colonial Pipeline to the DarkSide ransomware group.
News URL
Related news
- FBI: BlackSuit ransomware made over $500 million in ransom demands (source)
- FBI: BlackSuit ransomware behind over $500 million in ransom demands (source)
- FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million (source)
- FBI disrupts the Dispossessor ransomware operation, seizes servers (source)
- FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany (source)
- FBI: RansomHub ransomware breached 210 victims since February (source)
- Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware (source)
- Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector (source)