BankInfoSecurity.com reported that “The U.S. Department of Justice clawed back about $500,000 worth of illicit cryptocurrency from North Korean hackers who launched Maui ransomware assaults on at least two U.S. medical facilities.” The July 19, 2022 report entitled “DOJ Seizes $500,000 From North Korean Attacks on Healthcare” included these comments:
Deputy Attorney General Lisa Monaco during a speech at Fordham University today said the victims include a Kansas medical center and a Colorado medical provider.
Monaco’s disclosure comes about two weeks after the federal government warned the healthcare sector of attacks by North Korean state-sponsored groups involving Maui ransomware (see: Feds Warn Healthcare Sector of ‘Maui’ Ransomware Threats).
Maui ransomware gets its name from the name of the executable file used to maliciously encrypt victims’ files. North Korea is a well-known ransomware enthusiast, using it to harvest cash it spends on developing weapons of mass destruction. A 2019 United Nations panel estimated cybercrime netted the hereditary totalitarian monarchy in Pyongyang about $2 billion, an amount that has only since grown.
Good news about the recovery of $500K, but also scary that ransomware continues to spread.