USA is offering $10 million for info about North Korea Maui ransomware attacks

Information that could facilitate the identification or location of Rim Jong Hyok, a North Korean military programmer, is being offered by the U.S. State Department for a reward of up to $10 million.

Hyok and other Andariel operatives were associated with Maui ransomware attacks that targeted critical infrastructure and healthcare organizations throughout the United States. They were a member of the Andariel North Korean cybercrime group.

On Wednesday, a federal arrest warrant was issued in the U.S. District Court, District of Kansas, for Hyok, who was charged with conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.

To date, the North Korean hackers have been associated with ransomware incidents that have affected two U.S. Air Force bases, five healthcare providers, four U.S.-based defense contractors, and the National Aeronautics and Space Administration’s Office of Inspector General, according to U.S. law enforcement investigators.

“Rim and others conspired to hack into the computer systems of U.S. hospitals and other healthcare providers, install Maui ransomware, and extort ransoms,” according to the Department of State.

“The ransomware attacks disrupted healthcare services and encrypted the computers and servers of victims that were used for medical testing or electronic medical records.” The ransom payments were subsequently utilized by these malicious cyber actors to finance malicious cyber operations that targeted U.S. government entities and U.S. and foreign defense contractors, among others.

A U.S. defense contractor’s network was breached by Andariel hackers in November 2022, resulting in the theft of over 30 gigabytes of data. This data included unclassified information on military aircraft and satellites, with a significant portion of it dating back to 2010 or earlier.

Share This Article