Justice Department Seizes and Forfeits Approximately 500,000 from North Korean Ransomware Actors and their Conspirators | OPA | Department of Justice

The Department of Justice today announced a lawsuit filed in the District of Kansas to seize cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. In May 2022, the FBI filed a sealed seizure warrant for the funds worth approximately half a million dollars. Funds seized include ransoms paid by healthcare providers in Kansas and Colorado.

“Thanks to a victim’s swift reporting and cooperation, the fbi and justice department prosecutors have disrupted the activities of a north korean state-sponsored group deploying ransomware known as ‘maui,'” he said Assistant Attorney General Lisa O. monaco today at the international conference on cyber security. “Not only did this allow us to recover their ransom payment, as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified strain of ransomware. the approach used in this case exemplifies how the justice department is attacking malicious cyber activity from all angles to disrupt the bad guys and prevent the next victim.”

Reading: Doj seized bitcoin

According to court documents, in May 2021, North Korean hackers used a strain of ransomware called maui to encrypt the files and servers of a medical center in the borough of kansas. after more than a week of being unable to access encrypted servers, the kansas hospital paid approximately $100,000 in bitcoins to regain use of its computers and equipment. Because the Kansas Medical Center notified the FBI and cooperated with law enforcement, the FBI was able to identify the never-before-seen North Korean ransomware and trace the cryptocurrency to money launderers based in China.

See also: Jack Dorsey and Jay Z invest 500 BTC to make Bitcoin internets currency – TechCrunch

Then, as a result, in April 2022, the fbi observed a bitcoin payment of approximately $120,000 in one of the seized cryptocurrency accounts identified thanks to the cooperation of the kansas hospital. The FBI investigation confirmed that a medical provider in Colorado had just paid a ransom after being hacked by actors using the same strain of Maui ransomware. In May 2022, the FBI seized the contents of two cryptocurrency accounts that had received funds from Kansas and Colorado health care providers. The District of Kansas then began proceedings to seize the hackers’ funds and return the stolen money to the victims.

“Reporting cyber incidents to law enforcement and cooperating with investigations not only protects America, it’s also good business,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s Homeland Security Division. “Reimbursing these ransom victims shows why it pays to work with law enforcement.”

“These sophisticated criminals are constantly pushing the limits to find ways to extort money from victims by forcing them to pay ramsons to regain control of their computers and registry systems,” said u.s. attorney Duston J. slinkard for the district of kansas. “what these hackers don’t count on is us tenacity. department of justice in the recovery and return of these funds to the rightful owners.”

“The FBI is dedicated to working with our federal and private sector partners to disrupt nation-state actors who pose a critical cyber threat to the American people,” said FBI Cyber ​​Division Deputy Director Bryan vorndran. “Today’s success demonstrates the results of letting the FBI and our partners know as soon as possible when you are the victim of a cyberattack; this provides law enforcement with the ability to better assist the victim. We will continue to pursue these malicious cyber actors, like these North Korean hackers, who threaten the American public regardless of where they are and will work to successfully recover ransom payments when possible.”

See also: 2022 Bitcoin Summer Camps & Courses | Camp Tech Revolution

“Today’s announcement reiterates the FBI’s and Department of Justice’s continued commitment to working with our critical infrastructure and private sector partners to identify and dismantle cyber threats, including new and emerging ransomware variants,” said Special Agent in charge charles dayoub of the fbi kansas city field division. “Due to the quick notification by the victim’s medical center, measures were taken to reduce the loss of the victim company, as well as to identify the implemented malware, preventing additional cyber attacks. The relationship between the FBI and our private sector partners is critical to uncovering, disrupting, and dismantling cyber threats to our nation’s infrastructure.”

on July 6, 2022, based on information obtained during the department’s investigation, the fbi, the cybersecurity and infrastructure security agency (cisa), and the treasury department issued a joint cybersecurity advisory regarding the threat of North Korea to the United States. health care and public health organizations, which included compromise indicators and mitigation tips.

Deputy Attorney General Lisa O. Monaco; Assistant Attorney General Matthew G. Olsen of the Justice Department’s Homeland Security Division; U.S. attorney Duston J. slinkard for the district of kansas; Special Agent in Charge Charles Dayoub of the FBI’s Kansas City Field Office; and Deputy Director Bryan Vorndran of the FBI’s Cyber ​​Division made the announcement.

the fbi is investigating the case.

See also: Webull vs. Coinbase: Which Is Right for You? | The Ascent by Motley Fool

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button