The Department of Justice of the United States of America has seized about $500,000 in crypto and fiat from a group of hackers tied to North Korea, including two ransomware payments made in crypto by health care providers in the U.S.
In an announcement made on Tuesday, the department of justice announced a joint operation with the Federal Bureau for Investigation (FBI) on the investigation of a ransom payment of about $100,000 made in BTC by a hospital in Kansas to a hacking group in North Korea in order to regain access to its hijacked systems. This investigation also covered the $120,000 worth of BTC made by a health care provider in Colorado to a wallet connected to the attack mentioned above.
The FBI filed a warrant for funds seizure in May for two different ransom attacks and other payments laundered through China. Altogether, the DOJ reported that the funds were about $500,000.
According to the U.S. Attorney for Kansas District, Duston Slinkar, the criminals are pushing boundaries extremely and constantly in order to look for ways to exploit victims by hacking their records and computer systems and demanding ransom for them to regain access. He said the hackers are not counting on the tenacity of the DOJ in tracking and recovering the funds to the victims.
In a speech made at the International Conference on Tuesday, the Deputy Attorney of the United States, Lisa Monaco, said they are counting on the victims from the private sectors to file a proper report of whatever attacks they had as soon as it happens.
Other Attacks from the Hacking Group
Monaco said at the cybersecurity conference that the DOJ, partnering with the FBI tracked and recovered the crypto payments in the same way they recovered the $2 million stolen from the Colonial Pipeline system attack last year. Following the attack last year, the Attorney General announced that it will be forming a new team called National Cryptocurrency Enforcement running under DOJ and another FBI unit called Virtual Exploitation Unit. These two teams will be commissioned to address special crimes around funds extortion on the internet, including cryptocurrency.
It has been reported that the hacking groups tied to either Russia or North Korea have been responsible for different cyber-attacks and major ransomware in the U.S. and even across the globe. In April, the Office of Foreign Assets Control of the Treasury Department pinned the Ronin Bridge attack on a cyber-criminal group from North Korea – an attack where about $600 million in crypto assets were stolen.