In separate reports, CISA and the Microsoft Threat Intelligence Center linked the Maui and H0lyGh0st ransomware gangs to North Korean nation-state actors.
Latest Threat Intel News:
Ransomware Gangs Linked to North Korean Nation-State Actors
The two groups are targeting small businesses and the healthcare sector, respectively. In combination with the large cryptocurrency heists carried out by North Korean hackers such as Lazarus group, experts believe that these financially motivated cybercrimes are being propagated to support the country’s struggling economy.
Why This Matters
North Korea’s foray into digital extortion has no signs of slowing. The situation brings added complications for victims given the country’s comprehensive sanctions by the U.S Treasury Department. Since sanctions concerns may prohibit purchasing a decryptor from the cybercriminals, victims without viable backups may be severely impacted.
This blog post and its contents are intended for general guidance and informational purposes only. This blog post is under no circumstances intended to be used or considered as specific insurance or information security advice.