The U.S. Department of Justice said it had confiscated about $500,000 paid to North Korea-linked ransomware operators.
Justice Department Seizes and Forfeits Approximately $500,000 from North Korean Ransomware Actors and their Conspirators
Two Ransom Payments Made by U.S. Health Care Providers Recovered by Law Enforcement Will Be Returned to Victimshttps://t.co/AI1HDmFJF7
— Justice Department (@TheJusticeDept) July 19, 2022
The FBI, in cooperation with the DOJ, disrupted the operations of a North Korea-linked hacker group behind the Maui ransomware distribution.
In May 2021, North Korean hackers attacked the servers of a medical center in a Kansas county using Maui. To decrypt the data, the center paid the attackers about $100,000 in Bitcoin.
Maui had previously attracted little scrutiny, but the FBI pursued the investigation and traced the ransom cryptocurrency thanks to the medical center’s report.
In April 2022, the FBI identified another $120,000 transfer in Bitcoin to hacker-linked cryptocurrency addresses. It turned out that it had been carried out by a Colorado healthcare provider attacked by Maui.
As a result, law enforcement identified intermediaries of Chinese hackers who helped launder the proceeds, and seized $500,000.
Some of them consist of Bitcoin payments from Maui victims at Kansas and Colorado medical facilities. Authorities said the funds would be returned to the victims.
Chainalysis estimated that in 2021 North Korean hackers carried out at least seven cyberattacks on cryptocurrency platforms, during which stole digital assets worth about $400 million.
According to Elliptic data, Lazarus, the North Korea-linked hackers, could have been behind the Horizon cross-chain bridge attack, resulting in stolen about $100 million.
According to Reuters, North Korea lost millions of dollars stolen by hackers amid the decline in crypto markets.
Follow ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analysis.