Security News > 2022 > July > FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers

The U.S. Department of Justice has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui.
The DoJ did not disclose where the rest of the payments originated from.
Earlier this month, U.S. cybersecurity and intelligence agencies issued a joint advisory calling attention to the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021.
The incident targeting the unnamed Kansas facility is said to have occurred around the same time, prompting the Federal Bureau of Investigation to uncover the never-before-seen ransomware strain.
North Korean threat actors have a storied history of directing financially-motivated hacks for the sanctions-hit nation in a multitude of ways, including targeting blockchain companies and leveraging cryptocurrency heists by making use of rogue wallet apps and exploiting crypto asset bridges.
The disruption highlights the U.S. government's continued success with cracking down on crypto-oriented criminal activities, enabling it to recoup ransomware payments associated with DarkSide and REvil as well as funds stolen in connection with the 2016 Bitfinex hack.
News URL
https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html
Related news
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- zkLend loses $9.5M in crypto heist, asks hacker to return 90% (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- CISA and FBI: Ghost ransomware breached orgs in 70 countries (source)