Advert.

Do NOT tell your scammer he is posted here, or report their accounts as it puts others at risk!

North Korean group hacked Kansas hospital, got $100K Bitcoin

Did you read about scams in the papers, or see it on TV? Let us know.

North Korean group hacked Kansas hospital, got $100K Bitcoin

Unread postby Big Al » Sat Jul 23, 2022 2:17 pm

https://www.yahoo.com/news/north-korean ... 29206.html

Jason Tidd, Topeka Capital-Journal
Thu, July 21, 2022 at 12:18 PM

The FBI seized $500,000 after Kansas and Colorado health care providers paid Bitcoin crypto ransoms to hackers from North Korea and Chinese launderer.
The cooperation of a Kansas hospital with law enforcement after a cyberattack crippled their systems ultimately helped federal officials find and seize about $500,000 in ransoms paid by American health care providers to North Korean hackers.

The U.S. Justice Department announced Tuesday that a state-sponsored group in North Korea and money launderers in China were behind a series of hacks using a new "Maui" ransomware strain.

The unidentified Kansas hospital was hacked in May 2021, leaving health care workers unable perform X-rays and diagnostic imaging. They also lost access to a second server used for scanning data, their internet server and their sleep lab server due to the malware software.

The ransom note demanded two Bitcoins and warned the price would increase if not paid quickly. A ransom of 1.77 Bitcoins was ultimately paid, worth about $100,000 at the time, and the medical provider got the decryption keys after more than a week without access.

"Because the Kansas medical center notified the FBI and cooperated with law enforcement, the FBI was able to identify the never-before-seen North Korean ransomware and trace the cryptocurrency to China-based money launderers," the Justice Department statement said.

The FBI was then able to observe another 2.54 Bitcoin payment, worth about $120,000, into a cryptocurrency account in April. Agents determined the funds came from a Colorado medical provider that had been hacked with the same ransomware strain.

In May, the FBI used warrants to seize two cryptocurrency accounts with funds from the Kansas and Colorado providers. The accounts with an unidentified virtual currency exchange had been accessed by a Hong Kong-based IP address.

On Monday, U.S. Attorney Duston J. Slinkard for the District of Kansas and his office filed a civil asset forfeiture case in federal court for the contents of the two accounts.

"Thanks to rapid reporting and cooperation from a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as 'Maui,'" Deputy Attorney General Lisa O. Monaco said in a statement.

FBI Director Christopher Wray addressed cyber threats when speaking with top law enforcement officials at a Kansas Bureau of Investigation town hall in March.
FBI Director Christopher Wray addressed cyber threats when speaking with top law enforcement officials at a Kansas Bureau of Investigation town hall in March.
In statements, FBI officials emphasized the agency's work with the private sector "to discover, disrupt and dismantle cyber threats." When FBI Director Christopher Wray visiting Kansas in March, he visited the University of Kansas with Sen. Jerry Moran as part of cybersecurity efforts.

North Korea isn't the only foreign country targeting Kansas companies with cyberattacks. In March, the FBI and federal prosecutors detailed evidence of a hack of Wolf Creek Nuclear Operating Corporation by a Russian spy agency's military unit.

Jason Tidd is a statehouse reporter for the Topeka Capital-Journal. He can be reached by email at jtidd@gannett.com. Follow him on Twitter @Jason_Tidd.
"Look for the lies."
Being Blackmailed? Go here and do this first: https://blackmailscams.com/
The information you supply can help others from becoming Victims.
Image
User avatar
Big Al
"Little pee nut" admin.
 
Posts: 84973
Joined: Fri Apr 27, 2012 10:48 pm

Return to Media reports.

Who is online

Users browsing this forum: No registered users and 30 guests