US Seizes $500,000 From North Korean Hackers

North Korean hackers suffered a blow in their plot to steal funds from healthcare providers. The US Department of Justice seized $500,000 in Bitcoin from the alleged hackers, returning the funds to two hospitals. The hackers stole this money from the organizations through ransomware attacks: As such, these were ransom payments.

Deputy Attorney General Lisa O. Monaco thanked a Kansas hospital—concealing its exact identity—for not only contacting the FBI about the attack, but for helping DOJ discover a new ransomware strain never before seen.

The strain, called Maui, is designed to encrypt files and servers: Hackers used Maui to attack a Kansas hospital back in May 2021. After being locked out of their systems for nearly seven days, the hospital reluctantly agreed to pay $100,000 in Bitcoin to the hackers. In addition, the FBI identified a $120,000 payment made by a hospital in Colorado.

While the FBI won’t reveal how it caught the hackers, analysts guess converting the Bitcoin on an exchange platform is where hackers exposed themselves. That said, it’s possible, although less likely, agents seized the funds from the hackers’ digital wallet.

The US is now pointing the finger at North Korea as an emerging cybersecurity threat.

Ransomware attacks are intimidating, as hackers lock you out of your own networks. While it can be tempting to pay the ransom with the hope of returning to normal, authorities recommend against such an action. While the FBI was able to return the funds to the hospitals in this case, it isn’t always possible, and paying ransoms incentivizes hackers to continue these scams.