FBI released a press statement of seizing about $500,000 payment in cryptocurrency from Maui Ransomware spreaders linked to North Korea Intelligence. The seizure of funds was made under a court order issued in May 2022 regarding the ransom paid by two healthcare service providers in Kansas and Colorado.
The Justice Department of Kansas supervised the whole incident in coordination with officials belonging to FBI and with the full cooperation of the IT staff of the victimized organizations.
DoJ is intending to share classical information with Interpol as it wants to make the issue attain an international recognition to attain public attention.
Interestingly, the attack was launched by Maui on a Kansas based hospital, which then after paid $100,000 in bitcoins to regain back access to the encrypted servers; as it was left with no other option, as its backed-up data was also digitally intercepted and compromised.
Maui Ransomware is a kind of file encrypting malware that was developed in Pyongyang. It targeted two healthcare organizations in March-April this year and the victims first paid the ransom and then cooperated with the Federal Bureau of Investigation in tracking down the perpetrators.
NOTE 1-Maui group is said to be based in North Korea and is said to be using a China-based money laundering company to mint money from its victims. The recovered sum will be paid back to the victims and, if any left, will be diverted to fund used to curb cyber-crime.
NOTE 2- Maui is relatively new to the field of cyber crime and at this juncture, falling in the eyes of the law enforcement could prove extremely fatal to the group.