The US Justice Department seized approximately $500,000 in digital payments and cryptocurrency from North Korean ransomware attacks. According to Deputy Attorney General Lisa Monaco, US authorities have begun returning funds to appropriate victims.
Last year, North Korean hackers encrypted the computer systems of health care organizations in Kansas and Colorado. Later, a complaint filed by an unnamed Kansas facility allowed the FBI to investigate, leading to the discovery of a new type of ransomware used by them.
According to CNN, the US authorities seized ransom payments and cryptocurrency from "China-based money-launderers working for the North Koreans." The announcement followed a prior warning from US authorities that North Korea intended to use it to disrupt health services for extended periods.
Hackers striking digital assets
The Secret Service and the Treasury Department could track cryptocurrency payments made by criminal groups, including money that violated US sanctions.
Attorney General Lisa Monaco encouraged more organizations to expand their efforts to report similar ransomware assaults to the FBI while acknowledging the growing difficulty of recovering installments paid by US organizations to culprits in Russia, Eastern Europe, and elsewhere.
Hackers backed by North Korea are notorious for breaching vulnerable crypto protocols and stealing hundreds of millions of dollars in digital assets. The most recent incident involved the alleged exploit of Harmony's Horizon Bridge by the Lazarus Group. In March, this infamous Pyongyang-backed hacker group was also responsible for the $620 million breach against Axie Infinity's Ronin bridge.
According to a report, more than 40% of the $100 million in ETH stolen from Harmony was transferred to a Tornado Cash mixer. Furthermore, Pyongyang's cyber army has 7,000 personnel and has been involved in at least 15 instances of cryptocurrency crime, with proceeds conservatively estimated to be $1.59 billion.