Deputy Attorney General Lisa Monaco revealed that the US Justice Department recovered about $500,000 (approximately Rs. 4 crores) from hackers supported by North Korea who used ransomware.
The North Korean organization attacked a Kansas hospital’s system in 2021. It demanded a ransom, threatening to disable the centre’s computers if their demands were not satisfied, according to Monaco, who oversees the Justice Department’s agency-wide efforts to address cyberthreats.
According to the statement, the medical personnel paid the ransom after the cybercriminals threatened to double the sum within 48 hours.
The FBI and Justice Department prosecutors “have halted the operations of a North Korean state-sponsored gang spreading ransomware known as ‘Maui,'” according to Monaco. “Thanks to prompt reporting and assistance from a victim.”
READ MORE: Asus Zenfone 9’s global launch is set to take place on July 28
She said that the cybercriminals encrypted the servers and files of a Kansas hospital using the Maui malware strain and demanded ransom money in return for the key to decrypt the material. The assault happened in May 2021.
According to Monaco, the hospital administration had to make an unenviable decision between caving into the ransom demand and jeopardizing the capacity of medical professionals to provide life-saving treatment.
The hospital paid the hackers nearly $100,000 (about Rs. 80 lakh) in Bitcoin after struggling to recover access to its systems for more than a week.
However, the hospital also alerted the FBI, which allowed federal agents to locate the virus and link the ransom payment to Chinese money launderers who assist North Korean hackers in converting bitcoin into fiat money, according to the Justice Department.
As a result, Monaco added, “we were able to identify a previously unknown ransomware strain, as well as retrieve their ransom money and a ransom paid by previously unknown victims.”
According to court records, one victim had not previously been identified at a hospital in Colorado. In April 2022, the unnamed hospital sent nearly $120,000 (about Rs. 96 lakh) in ransom money into one of the hackers’ two cryptocurrency accounts, according to court records.
Ransomware attacks have increased regularly over the last several years, with hackers targeting various targets, including local governments, hospitals, and schools.
The US intelligence community warned that cybercriminals “are increasing the number, scale, and sophistication of ransomware attacks, fueling a virtual ecosystem that threatens to cause greater disruptions of critical services worldwide” in its most recent annual threat assessment published in February.