US Offers $10M Reward for Information on North Korean Hacker
The individual is part of a DPRK-backed group known as Andariel, which is known for using the 'Maui' ransomware strain to target and extort healthcare entities.
The US Department of Justice has unsealed an indictment of a North Korean military intelligence operative targeting US critical infrastructure.
The individual, Rom Jong Hyok, allegedly carried out ransomware attacks against healthcare facilities and funneled the ransom payments to arrange other breaches into defense, technology, and government organizations globally, in violation of the Computer Fraud and Abuse Act, according to the indictment.
The ransom payments were laundered through Hong Kong, where they were converted into Chinese yuan, withdrawn from an ATM, and then used to purchase virtual private servers in order to exfiltrate sensitive defense and technology information.
Hyok is part of a hacking crew known as Andariel (aka APT45, Nickel Hyatt, Onyx Sleet, Silent Chollima, Stonefly, and TDrop2) and is allegedly behind cyberattacks involving a ransomware strain coined "Maui," which was targeting organizations in the US and Japan as far back as 2022. The group uses this ransomware against healthcare providers' systems and servers used for medical testing or electronic medical records.
Andariel is controlled by DPRK's military intelligence agency, the Reconnaissance General Bureau, which is involved in the DPRK's illicit arms trade and responsible for its malicious cyber acts.
"This group poses an ongoing threat to various industry sectors worldwide, including, but not limited to, entities in the United States, South Korea, Japan, and India," said the National Security Agency.
The US Department of State's Rewards for Justice (RFJ) announced a reward of up to $10 million for information that could lead to the whereabouts of Rim Jong Hyok, Andariel, or co-conspirators.
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024