The U.S. Justice Department seized about US$500,000 from North Korea-backed hackers using ransomware, Deputy Attorney General Lisa Monaco announced on Tuesday.

See related article: US Treasury says prioritize sanctioning North Korea for crypto hacking

Fast facts

  • Hackers demanded Bitcoin ransom from Kansas and Colorado medical providers that were attacked by a never-before-seen ransomware strain called Maui.
  • North Korea-backed hackers are believed to be responsible for malicious cyberattacks that stole hundreds of millions of dollars from crypto firms to allegedly fund the regime’s nuclear weapons program.
  • In May 2021, a Kansas medical center paid US$100,000 in Bitcoin ransom after losing server access for over a week, due to the socialist state hackers allegedly using the Maui ransomware. 
  • The Federal Bureau of Investigation (FBI) and the medical center identified the ransomware and traced the cryptocurrency transaction to a China-based North Korean money laundering scheme, the justice department said.
  • In April 2022, the FBI detected a US$120,000 Bitcoin payment from a Colorado medical provider into one of the crypto accounts identified in the Kansas case. 

See related article: North Korea said to be responsible for Harmony Horizon hack