Security News > 2022 > July > FBI recovers $500,000 healthcare orgs paid to Maui ransomware

The U.S. Department of Justice has announced the seizure of approximately $500,000 in Bitcoin, paid by American health care providers to the operators of the Maui ransomware strain.
At the start of this month, Maui was highlighted by the FBI and CISA as a new North Korean-backed ransomware operation extorting western organizations with encryption attacks.
The particular ransomware operation demonstrated an inclination towards healthcare and public health organizations in its targeting, causing life-threatening service outages.
"Not only did this allow us to recover their ransom payment as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified ransomware strain."
The Kansas hospital had paid approximately $100,000 to the Maui ransomware gang in May 2021 to restore its IT network following a data-encrypting cyberattack.
Recovery of $4,400,000 paid by Colonial Pipeline to the DarkSide ransomware group.
News URL
Related news
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- CISA and FBI: Ghost ransomware breached orgs in 70 countries (source)
- New NailaoLocker ransomware used against EU healthcare orgs (source)
- Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware (source)
- For healthcare orgs, disaster recovery means making sure docs can save lives during ransomware infection (source)