Site icon TechNewsBoy.com

FBI recovers ransomware payments paid out by hospitals

The FBI has managed to track down, and retrieve, almost half a million dollars extorted from multiple American healthcare organizations in ransomware demands.

In its announcement, the U.S. Department of Justice (DoJ) described how when a hospital in Kansas was struck by the Maui ransomware in May 2021, it quickly notified law enforcement, which was a crucial move that eventually led not just to the retrieval of the funds, but to a lot more. 

The FBI said that timely disclosure helped to obtain, and analyze, a brand new malware (opens in new tab) strain, and eventually identify the perpetrators and return the money.

Obtaining a brand new ransomware strain

The Maui perpetrators were identified as a North Korean state-sponsored threat actor. 

The Kansas hospital had paid some $100,000 in cryptocurrencies in exchange for the decryption key, while another medical services provider in Colorado had paid $120,000 shortly after. 

Following the money helped the FBI identify an “undisclosed number” of additional payments, amounting up to $280,000, with the total amount seized in May 2022 amounting to some $500,000.

“Thanks to rapid reporting and cooperation from a victim, the FBI, and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as ‘Maui’,” explained Lisa O. Monaco, Deputy Attorney General.

“Not only did this allow us to recover their ransom payment as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified ransomware strain.”

Even though cryptocurrencies are often perceived as a great tool for cybercriminals, it’s actually a lot easier to track money going over the blockchain, compared to traditional finance. Blockchain’s very nature is pseudonymous, rather than anonymous, and once an identity is connected to a specific wallet, tracking the flows of money becomes a lot easier. 

The cryptocurrency industry does have its own money launderers, but as BleepingComputer reports, following the money laundering process after the ransom payment can help the police identify, and possibly arrest, the threat actors.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version