Google Threat Analysis Group (TAG) analysts warn that North Korean hackers attack cybersecurity experts involved…
It was then reported that Maui uses a combination of AES, RSA and XOR for the encryption process: files are encrypted with AES using a unique key, which is then encrypted with the RSA key pair generated when the malware is first run, and then the RSA public key is encrypted using another hardcoded RSA public key.
Experts assumed that the entire malicious campaign is based on the willingness of medical institutions to pay a ransom, as they need to quickly recover from an attack and ensure uninterrupted access to critical data and services, because people’s lives and health depend on them.
As the Ministry of Justice now explains, the discovery of this malware occurred after an incident in a Kansas hospital, when the victims hurried to report to the FBI. In May 2021, this healthcare facility paid ransomware about $100,000 to recover data after a ransomware attack.
Due to the quick reporting of the incident, law enforcements were able to trace another $120,000 payment from an unnamed health care provider in Colorado. As a result, these two payments, as well as an unknown number of payments in the amount of $280,000, were seized in May 2022, and the total amount of funds recovered was approximately half a million US dollars.
It is currently unknown how the seizure of funds was organized. Probably, law enforcement officers were able to trace the funds that the criminals were trying to launder, to a certain cryptocurrency exchange that offers services for cashing out and converting cryptocurrencies into fiat.
Netsmediashub.com is a domain that tries to force you into clik to its browser notifications…
News-bhexusa.xyz is a domain that tries to trick you into clik to its browser notifications…
News-bhupotu.xyz is a domain that tries to trick you into subscribing to its browser notifications…
News-bhocime.info is a site that tries to trick you into subscribing to its browser notifications…
You-hub.online is a site that tries to force you into clik to its browser notifications…
News-bhecudu.live is a domain that tries to force you into clik to its browser notifications…