Feds Recover Funds After Healthcare Providers Suffer Ransomware Attacks

Feds Pull Off MASSIVE Federal Operation – $500,000 Recovered!

(ConservativeHub.com) – Ransomware is debilitating to businesses, and authorities are scrambling to stop attacks as quickly as possible to minimize damage. On July 19, the US Department of Justice (DOJ) announced it thwarted attempts by a North Korean-backed ransomware group to target medical facilities and recovered $500,000. Federal authorities said the May operation involved an incident at a Kansas hospital in May 2021.

A program called Maui attacked computers at the medical facility, disrupting the use of its servers and files. The hospital paid the hacker group $100,000 in Bitcoin to regain the system’s functionality. Administrators reported the incident to the DOJ, allowing agents to conduct the recovery operation.

Justice Department Seizes and Forfeits Approximately $500,000 from North Korean Ransomware Actors and their Conspirators

Two Ransom Payments Made by U.S. Health Care Providers Recovered by Law Enforcement Will Be Returned to Victimshttps://t.co/AI1HDmFJF7

— Justice Department (@TheJusticeDept) July 19, 2022

The DOJ retrieved the money by tracing the payments to an account linked to money launderers from China. These criminals were working in conjunction with the North Koreans on this scheme. During the operation, agents also discovered and recovered other payments from the account, including one from a Colorado healthcare provider, to bring the total recovered funds to around $500,000.

The DOJ credited the Kansas facility’s prompt reporting as the key to recovering the money lost by multiple victims and helping the agency identify this new ransomware. FBI Cyber Division Assistant Director Bryan Vorndran encouraged other victims to come forward and work with law enforcement to help stop these criminals, according to the DOJ’s press release.

Ransomware has been on the rise in recent years, with Statista reporting that nearly 70% of businesses worldwide were impacted by attacks in 2021. Cyber risks have fueled calls for improved security members — but for now, it appears groups and individuals operating in in the digital world are more vulnerable than ever.