FBI recovers ransomware payments from hospitals

The FBI managed to track down and recover nearly half a million dollars extorted from various US healthcare organizations as part of the ransomware lawsuits.

In its announcement, the US Department of Justice (DoJ) described how, when a hospital in Kansas was attacked by the Maui ransomware in May 2021, it quickly notified law enforcement, a crucial decision that ultimately led not only to the recovery of the funds, but to much more.

The FBI said timely disclosure helped it obtain and analyze an entirely new strain of malware and ultimately identify the perpetrators and return the money.

Obtaining an entirely new strain of ransomware

The Maui perpetrators have been identified as a state-sponsored threat actor from North Korea.

The hospital in Kansas had paid around €100 in cryptocurrency for the decryption key, while another medical service provider in Colorado paid €000 shortly after.

Tracing the money helped the FBI identify an "undisclosed number" of additional payments, amounting to €280,000, with the total amount seized in May 2022 coming to around €500,000.

"Through a victim's prompt reporting and cooperation, FBI and Justice Department prosecutors disrupted the activities of a North Korean state-sponsored group deploying ransomware known as 'Maui,'" said Lisa O. Monaco, deputy attorney general.

"Not only did this allow us to recover their ransom payment, as well as a ransom paid by previously unknown victims, but we were also able to identify a previously unidentified strain of ransomware."

Although cryptocurrencies are often considered a great tool for cybercriminals, it is actually much easier to trace the money that passes through the blockchain, compared to traditional finance. The very nature of the blockchain is pseudonymous rather than anonymous, and once an identity is connected to a specific wallet, tracking money flows becomes much easier.

The cryptocurrency industry has its own money launderers, but as BleepingComputer reports, tracking the money laundering process after the ransom is paid can help law enforcement identify and possibly arrest the perpetrators.

Via: BleepingComputer