Tweet
The FBI has managed to track down, and retrieve, almost half a million dollars extorted from multiple American healthcare organizations in ransomware demands.
In its announcement, the U.S. Department of Justice (DoJ) described how when a hospital in Kansas was struck by the Maui ransomware in May 2021, it quickly notified law enforcement, which was a crucial move that eventually led not just to the retrieval of the funds, but to a lot more.
The FBI said that timely disclosure helped to obtain, and analyze, a brand new malware strain, and eventually identify the perpetrators and return the money.
[HEADING=1]Obtaining a brand new ransomware strain[/HEADING]
The Maui perpetrators were identified as a North Korean state-sponsored threat actor.
The Kansas hospital had paid some $100,000 in cryptocurrencies in exchange for the decryption key, while another medical services provider in Colorado had paid $120,000 shortly after.
Following the money helped the FBI identify an āundisclosed numberā of additional payments, amounting up to $280,000, with the total amount seized in May 2022 amounting to some $500,000.
āThanks to rapid reporting and cooperation from a victim, the FBI, and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as āMauiā,ā explained Lisa O. Monaco, Deputy Attorney General.
āNot only did this allow us to recover their ransom payment as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified ransomware strain.ā
Read more
Even though cryptocurrencies are often perceived as a great tool for cybercriminals, itās actually a lot easier to track money going over the blockchain, compared to traditional finance. Blockchainās very nature is pseudonymous, rather than anonymous, and once an identity is connected to a specific wallet, tracking the flows of money becomes a lot easier.
The cryptocurrency industry does have its own money launderers, but as BleepingComputer reports, following the money laundering process after the ransom payment can help the police identify, and possibly arrest, the threat actors.
[ul]
[li]These are the best endpoint protection services right now[/li][/ul]
Via: BleepingComputer
Continue readingā¦
In its announcement, the U.S. Department of Justice (DoJ) described how when a hospital in Kansas was struck by the Maui ransomware in May 2021, it quickly notified law enforcement, which was a crucial move that eventually led not just to the retrieval of the funds, but to a lot more.
The FBI said that timely disclosure helped to obtain, and analyze, a brand new malware strain, and eventually identify the perpetrators and return the money.
[HEADING=1]Obtaining a brand new ransomware strain[/HEADING]
The Maui perpetrators were identified as a North Korean state-sponsored threat actor.
The Kansas hospital had paid some $100,000 in cryptocurrencies in exchange for the decryption key, while another medical services provider in Colorado had paid $120,000 shortly after.
Following the money helped the FBI identify an āundisclosed numberā of additional payments, amounting up to $280,000, with the total amount seized in May 2022 amounting to some $500,000.
āThanks to rapid reporting and cooperation from a victim, the FBI, and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as āMauiā,ā explained Lisa O. Monaco, Deputy Attorney General.
āNot only did this allow us to recover their ransom payment as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified ransomware strain.ā
Read more
Ransomware attacks are costing US schools and colleges billions
Microsoft links Holy Ghost ransomware operation to North Korean hackers
These are the best firewalls right now
Microsoft links Holy Ghost ransomware operation to North Korean hackers
These are the best firewalls right now
The cryptocurrency industry does have its own money launderers, but as BleepingComputer reports, following the money laundering process after the ransom payment can help the police identify, and possibly arrest, the threat actors.
[ul]
[li]These are the best endpoint protection services right now[/li][/ul]
Via: BleepingComputer
Continue readingā¦