Security News > 2022 > July > FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers
The U.S. Department of Justice has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui.
The DoJ did not disclose where the rest of the payments originated from.
Earlier this month, U.S. cybersecurity and intelligence agencies issued a joint advisory calling attention to the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021.
The incident targeting the unnamed Kansas facility is said to have occurred around the same time, prompting the Federal Bureau of Investigation to uncover the never-before-seen ransomware strain.
North Korean threat actors have a storied history of directing financially-motivated hacks for the sanctions-hit nation in a multitude of ways, including targeting blockchain companies and leveraging cryptocurrency heists by making use of rogue wallet apps and exploiting crypto asset bridges.
The disruption highlights the U.S. government's continued success with cracking down on crypto-oriented criminal activities, enabling it to recoup ransomware payments associated with DarkSide and REvil as well as funds stolen in connection with the 2016 Bitfinex hack.
News URL
https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html
Related news
- North Korean scammers plan wave of stealth attacks on crypto companies, FBI warns (source)
- North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry (source)
- FBI: BlackSuit ransomware made over $500 million in ransom demands (source)
- FBI: BlackSuit ransomware behind over $500 million in ransom demands (source)
- FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million (source)
- FBI disrupts the Dispossessor ransomware operation, seizes servers (source)
- FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany (source)
- Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges (source)
- Hackers linked to $14M Holograph crypto heist arrested in Italy (source)
- 0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193) (source)