The person at the center of this case
U.S. hospitals, healthcare companies, and government/technology entities
Cold Case · Open
1 year waiting · since 2024
RIM JONG HYOK
Justice for U.S. hospitals, healthcare companies, and government/technology entities — the trail went cold in 2024, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is the current location and operational status of Rim Jong Hyok within North Korea's intelligence apparatus?
🔍
evidence
Lead #2How was the Maui ransomware infrastructure identified and traced back to the Andariel Unit?
💡
clue
Lead #3What financial institutions or cryptocurrency exchanges were used to launder the ransomware proceeds?
Rim Jong Hyok, a North Korean intelligence operative with the Reconnaissance General Bureau's Andariel Unit, is wanted for leading a conspiracy to deploy the Maui ransomware against U.S. hospitals and healthcare companies to extort ransom payments. The investigation revealed a sophisticated operation that laundered proceeds and purchased servers for ongoing cyber espionage targeting government and technology entities across the United States, South Korea, and China. Despite a federal arrest warrant issued in July 2024, Rim Jong Hyok remains at large in North Korea, and authorities continue seeking information about his network and operational methods.
Case
#1159
North Korea
Federal Bureau of Investigation (FBI); U.S. District Court, District of Kansas
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
👤
person
Lead #4Who are the other members of the conspiracy network that coordinated the hospital and healthcare company attacks?
📞
contact
Lead #5Are there any known associates or intermediaries outside North Korea who facilitated the money laundering operations?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Computer Hacking; Conspiracy to Commit Promotion Money Laundering Caution: Rim Jong Hyok, a member of the Andariel Unit of the North Korean Government’s Reconnaissance General Bureau (RGB), a North Korean military intelligence agency, is wanted for allegedly conspiring to violate the Computer Fraud and Abuse Act. Acting on behalf of North Korea’s RGB, Rim Jong Hyok allegedly conspired to use the Maui ransomware software to conduct computer intrusions against U.S.
hospitals and healthcare companies, extort ransoms, launder the proceeds, and purchase additional internet servers to conduct cyber espionage hacks against government and technology victims in the United States, South Korea, and China. On July 24, 2024, a federal arrest warrant was issued for Rim Jong Hyok in the United States District Court, District of Kansas, after he was charged with conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.
Remarks: Rim Jong Hyok is a North Korean citizen last known to be in North Korea.
Timeline of Events
🕵️
2024-07-24
Federal Arrest Warrant Issued
A federal arrest warrant was issued for Rim Jong Hyok in the United States District Court, District of Kansas, charging him with conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.
Case Information
Incident:July 24, 2024
Last Updated:May 10, 2026
Up to $10 Reward
For information leading to the resolution of this case
Leave a comment
Comments
Case Information
Incident:July 24, 2024
Last Updated:May 10, 2026
Up to $10 Reward
For information leading to the resolution of this case