The FBI and U.S. Justice Department last year thwarted attempts by North Korean state-sponsored hackers to cripple an American hospital—seizing $500,000 in cryptocurrency and ransom payments in the process.
In a Tuesday statement, the DOJ’s Deputy Attorney General Lisa O. Monaco said the North Korean group hacked a Kansas hospital’s system in 2021 and demanded a ransom, threatening to cripple the center’s servers if their demands were not met.
The hospital’s staff paid the ransom after the cyber criminals threatened to double the amount within 48 hours, the statement said. The DOJ statement didn’t specify whether the ransom payment was made in cryptocurrency.
“In that moment, the hospital’s leadership faced an impossible choice—give in to the ransom demand or cripple the ability of doctors and nurses to provide critical care,” Monaco said today at the International Conference on Cyber Security (ICCS) 2022 in New York. “But they also notified the FBI, which was the right thing to do for themselves and for future victims,” she added.
A January report shows that state-sponsored hackers operating from the hermit Kingdom are frequently up to no good. Shown Last year, North Korean hackers took $400 million in Bitcoins and Ethereum. The U.S. government also stole $400 million in Bitcoin and Ethereum last year. Published A cybersecurity advisory about North Korean illicit activity within the crypto space.
Monaco’s statement added that FBI and DOJ prosecutors were able to trace the actions of the hackers and, by analyzing public Blockchain Data was found to show where the criminals kept the stolen money: in China-based money laundering firms that regularly assist North Korean hackers in converting crypto to cash.
The same tactics were used by the U.S. authorities when they first arrived in America Stolen Bitcoins were recovered During the 2021 Colonial Pipeline attack.
During their search they picked up a number of other ransom payments—including another hospital in Colorado—as well as stolen cryptocurrency, totaling half a million dollars. Although the DOJ didn’t specify which cryptocurrency hackers had stored away, ransomware attackers typically take money from either. Bitcoin Or a privacy coin such as Monero.
Monaco said that the assets were taken by authorities a few weeks back. “And today, we have made public the seizure of those ransom payments, and we are returning the stolen funds to the victims,” she said.
Are you a crypto expert? Get the best Decrypt right to your inbox
Get the latest crypto news stories and weekly roundups plus more!