U.S. law enforcement alerts FBI to North Korean ransomware demand

A shadowy North Korean cybercriminal group approached a Kansas hospital last year to demand hefty ransom after hacking its critical computer systems.

The hospital s leadership faced an impossible choice - give in to ransom demand or cripple the ability of doctors and nurses to provide critical care, said Lisa O. Monaco, Deputy Attorney General of the Department of Justice. They alerted the FBI, which was the right thing to do for themselves and for future victims. How smart money is playing the game of criptocurrency.

The North Korean group promised to increase their ransomware demand if the hospital did not consent to their ransomware request. The Kansas hospital eventually paid the ransom, but the U.S. law enforcement was able to recover part of their ransom thanks to the help of blockchain analytics data that tracked the flow of illicit money to money launderers in China, which often assists North Koreans in their heists.

We have made public the seizure of the ransom payments, and we are returning the stolen funds to the victims, Monaco said last month about returning $500,000 to the hospital. After the Colonial Pipeline attack in 2021, many strategies to recover funds echoed those used to recover the funds.

According to Chainalysis, North Korean cybercriminals stole $400 million in criptocurrency last year.

This spring, the U.S. government issued a cyber advisory about North Korean groups targeting the industry, with particular focus on crypto exchanges, decentralized finance protocols, play-to- earn cryptocurrency video games, criptocurrency trading companies, and venture capital funds investing incryptocurrencies.