The US Department of Justice has seized some $500,000 in currency and cryptocurrency from a hacker group linked to the North Korean government, with transactions including two cryptocurrency payments made by US healthcare providers.
In a statement Tuesday, the Justice Department said that, along with the FBI, had investigated a $100,000 Bitcoin (BTC) payment by ransomware from a Kansas hospital to a group of North Korean hackers to regain access to its systems, as well as a $120,000 BTC payment from a Colorado medical provider to one of the wallets related to the aforementioned attack. In May, the FBI filed a warrant for the seizure of funds from the two ransomware attacks and others laundered through China, the total value of which, according to the Department of Justice, is close to $500,000.
“These sophisticated criminals are constantly looking for ways to extort money from victims by forcing them to pay ransoms in order to regain control of their computer systems and data,” said Duston Slinkar, the Kansas district attorney. “What these hackers are not counting on is the tenacity of the United States Department of Justice to recover and return these funds to their rightful owners.”
The Deputy Attorney General of the United States, Lisa Monaco, said Tuesday in a speech to the International Conference on Cybersecurity that authorities they rely on victims in the private sector to report ransomware and other attacks “as soon as such crimes occur”:
“If you report that attack, if you report the ransom request and payment, if you work with the FBI, we can take action; we can follow the money and get it back; we can help prevent the next attack, the next victim; and we can get the cybercriminals pay up. Companies that work with us will see that we support them after an incident.”
Today, DAG Monaco and @FBI New York Assistant Director met with Fordham University students and leadership at @FordhamNYC‘s International Conference on Cyber Security. #ICCS2022
Read her remarks here: https://t.co/l6MlgJU9mNhttps://t.co/l6MlgJU9mN pic.twitter.com/CYTH6WuNf1
— Justice Department (@TheJusticeDept) July 19, 2022
According to Monaco, the FBI and Department of Justice tracked ransom payments through the blockchain in the same way that they found and seized more than $2 million in cryptocurrency following an attack on the Colonial Pipeline system in 2021. The Attorney General’s Office announced at the last minute the formation of a National Cryptocurrency Enforcement Team under the Department of Justice, and a Virtual Assets Exploitation Unit under the FBI. Both teams aimed to tackle cybercrimes used for “digital extortion” of funds, including cryptocurrencies.
Hacking groups associated with North Korea and Russia have reportedly been responsible for many of the largest ransomware and cyber attacks in the United States and around the world. In April, the Treasury Department’s Office of Foreign Assets Control named North Korean cybercriminal group Lazarus Group as the entity responsible for the Ronin Bridge attack in March 2022, in which more than $600 million in crypto assets were stolen.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.