Feds Put $10 Million Bounty on North Korean who Allegedly Hacked US Hospitals to Extort Ransom

The US Department of State’s Rewards for Justice program is offering a $10 million reward for information leading to a North Korean who allegedly hacked US hospitals to install Maui ransomware and extort ransoms.

Rim Jong Hyok, of the Democratic People’s Republic of Korea (DPRK), is said to be associated with a malicious cyber group known as Andariel.

Source: rewardsforjustice.net

Malicious cyber activities

“The Andariel group is controlled by the DPRK’s military intelligence agency, the Reconnaissance General Bureau, which has primary responsibility for the DPRK’s malicious cyber activities and is also involved in the DPRK’s illicit arms trade,” according to the DoJ.

Andariel targets foreign businesses, government entities and the defense industry, the DoJ said.

Rim and unnamed co-conspirators allegedly hacked into the computer systems of US hospitals and healthcare providers, installed Maui ransomware, and extorted ransoms.

“The ransomware attacks encrypted victims’ computers and servers used for medical testing or electronic medical records and disrupted healthcare services,” according to the press release

Ransom money used to hack US government

The hackers used the ransom payments to further their cyber operations against US government entities and foreign defense contractors, among others.

“In one computer intrusion operation that began in November 2022, the malicious cyber actors hacked a US-based defense contractor from which they extracted more than 30 gigabytes of data, including unclassified technical information regarding material used in military aircraft and satellites, much of which was from 2010 or earlier,” says the State Department.

Andariel actors are said to have victimized five healthcare providers, four US-based defense contractors, two US Air Force bases, and NASA’s Office of Inspector General.

Anyone with information on the malicious cyber activity of Rim Jong Hyok, Andariel, or associated individuals, entities, and activities is encouraged to contact Rewards for Justice via its Tor-based tips-reporting channel. More information about the reward offer is available at https://rewardsforjustice.net.