Earlier this week, the U.S. Department of Justice (DOJ) announced a complaint filing in the District of Kansas to forfeit approximately $500,000 in cryptocurrency to victims of a new ransomware scam. According to court documents, an FBI investigation into the ransomware strain, known as "Maui," began last year after hackers used the ransomware to encrypt the files and servers of a Kansas hospital for over a week. After the hospital paid $100,000 in Bitcoin to the hackers to remove the ransomware from its system, it contacted the FBI about the attack. At this week's International Conference on Cyber Security, Deputy Attorney General Lisa O. Monaco explained that the FBI was able to trace the ransom payment through the blockchain to money launderers based in China. According to the DOJ press release, after seizing one of the cryptocurrency accounts identified thanks to the Kansas hospital's tip, the FBI was able to identify other victims of the Maui attack, including a healthcare provider based in Colorado. According to the DOJ press release, the funds are expected to be returned to victims of the ransomware attack.
In other recent developments, late last week the Commodity Futures Trading Commission (CFTC) announced that it added 34 unregistered foreign entities to its Registration Deficient List (RED List). Reportedly, the additions included multiple cryptocurrency industry firms. According to the CFTC, a firm is added to the RED List when the CFTC determines, from investigative leads and public inquiries, that the firm is not registered with the CFTC and appears to be acting in a capacity that requires registration, such as trading binary options, foreign currency or other products. In a statement, CFTC Commissioner Kristin Johnson said that U.S.-based customers transacting with unregistered entities, particularly those operating without oversight and beyond U.S. borders, may not receive the benefit of customer protections, safeguards and guardrails embedded in the CFTC's oversight of the markets. The CFTC circulates the RED List, which was launched in 2015, to financial industry partners, including other regulators, consumer groups, industry participants, self-regulatory organizations, exchanges and industry associations.
For more information, please refer to the following links:
- Justice Department Seizes and Forfeits Approximately $500,000 from North Korean Ransomware Actors and their Conspirators
- Deputy Attorney General Lisa O. Monaco Delivers Keynote Address at International Conference on Cyber Security (ICCS) 2022
- CFTC Adds 34 Unregistered Foreign Entities to RED List
- CFTC labels 34 crypto and forex firms as unregistered foreign entities
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
