Security News > 2022 > July > FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers

The U.S. Department of Justice has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui.

The DoJ did not disclose where the rest of the payments originated from.

Earlier this month, U.S. cybersecurity and intelligence agencies issued a joint advisory calling attention to the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021.

The incident targeting the unnamed Kansas facility is said to have occurred around the same time, prompting the Federal Bureau of Investigation to uncover the never-before-seen ransomware strain.

North Korean threat actors have a storied history of directing financially-motivated hacks for the sanctions-hit nation in a multitude of ways, including targeting blockchain companies and leveraging cryptocurrency heists by making use of rogue wallet apps and exploiting crypto asset bridges.

The disruption highlights the U.S. government's continued success with cracking down on crypto-oriented criminal activities, enabling it to recoup ransomware payments associated with DarkSide and REvil as well as funds stolen in connection with the 2016 Bitfinex hack.

News URL

https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html