The Department of Justice in the US recently announced that they had managed to obtain $500,000 from a state-sponsored group of North Korean hackers in cryptocurrency and ransom payments. Lisa O Monaco, the Deputy Attorney General, said that the stolen funds would be returned to the victims. She added that the funds also included ransom payments that were paid by healthcare providers in Colorado and Kansas.
DOJ gets the funds back
On Tuesday, the announcement of seizing and forfeiting funds worth $500K from ransomware actors and hackers was made by the US DOJ. According to the department, a complaint had been filed in the District of Kansas for forfeiting crypto payments given to North Korean hackers as a ransom for used for laundering these payments.
The DOJ disclosed that a seizure warrant had been filed by the FBI back in May 2022 for the funds which were about half a million dollars. These funds included those that healthcare providers in Colorado and Kansas had been forced to pay as ransom.
Speaking at the International Conference on Cyber Security 2022, the deputy attorney general disclosed that they were successful in seizing ransom and crypto worth half a million dollars with the cooperation and quick reporting of a victim.
According to Lisa O. Monaco, the prosecutors of the Justice Department and the FBI had managed to disrupt the activities of Maui, which is a state-sponsored North Korean group that deploys ransomware. She said that the group had encrypted the servers of a medical center in Kansas last year, which had been used for operating essential equipment and storing critical data.
A ransom had been demanded by the hackers and the medical center had had to comply. The ransom payment had been traced by the Justice Department and the FBI via the blockchain. The FBI had been able to identify that the money launderers were based in China, who are usually the ones helping North Koreans in converting crypto ransom payments into fiat.
Further analysis of the blockchain showed that other ransom payments were also present in the same accounts. Those were traced to potential victims overseas and a medical provider based in Colorado. Monaco said that they had seized all those funds and would return them to the victims.
Last year in October, Monaco announced that they were setting up a National Cryptocurrency Enforcement Team (NCET). The purpose of establishing it was to deal with complex investigations involving crypto and prosecuting criminal and illicit use of crypto, particularly those committed by tumbling and mixing services, and digital currency exchanges, as well as those part of the money laundering infrastructure.
The Department of Justice had also clarified that the team would also help trace and recover any crypto assets that are lost to extortion and fraud, including crypto payments that are made to ransomware actors and groups. This is aimed at reducing the number of crypto-related criminal activities that have increased significantly.