DoJ Seizes $500K in Crypto and Fiat From North Korean Hackers

  • The North Korean hackers drew the attention of the U.S. Department of Justice back in May 2021, when a Kansas hospital reported paying a $100,000 ransomware payment in BTC.
  • The DoJ was able to trace the ransomware payments to China-based money launderers, as well as uncover a new type of ransomware used to target U.S. health care providers.

Sign of the Department of Justice (DOJ), Washington, DC, September 10, 2016. Mark Van Scyoc/Shutterstock

The U.S. Department of Justice (DoJ) has seized around $500,000 in crypto and fiat from a hacking group connected to the North Korean government, the DoJ said in a press release on 19 July.

According to the announcement, the Federal Bureau of Investigation (FBI) and the DoJ had successfully disrupted a “North Korean state-sponsored group” that used ransomware to attack U.S. medical facilities. The two agencies were able to trace ransom payments made by medical facilities in Kansas and Colorado through the blockchain, which resulted in the seizure of $500,000 in crypto and fiat from China-based money launderers hired by the North Koreans. Deputy Attorney General Lisa O. Monaco said in a statement:

“Thanks to rapid reporting and cooperation from a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group. We were also able to identify a previously unidentified ransomware strain. The approach used in this case exemplifies how the Department of Justice is attacking malicious cyber activity from all angles to disrupt bad actors and prevent the next victim.”

The hacker group drew the attention of the DoJ and FBI in May last year, when an unnamed medical provider in Kansas reported it had made a ransomware payment of $100,000 worth of Bitcoin (BTC) to regain access to its systems. Through its investigation, the FBI was able to identify a “never-before-seen North Korean ransomware”, as well as track the crypto transactions to China-based money launderers. Following that incident, the FBI observed a $120,000 BTC payment from a medical provider in Colorado, which resulted in the agency seizing two crypto accounts.

Hacking groups connected to North Korea have been responsible for a number of crypto-related cyber attacks. Back in April, the U.S. Treasury Department was able to connect a North Korean hacker group known as Lazarus to the Axie Infinity Ronin bridge exploit, which saw $625 million being stolen from the platform.
