The link in the email points to a fake Word page where the user is pre-set and only the password needs to be entered. Warning, it's a scam!
Maui used by North Korean hackers to target Healthcare and Public Health. CISA, FBI and Treasury cybersecurity experts: The ransomware appears to be designed for manual execution by remote actors
Maui ransomware has been used by North Korean state-sponsored hackers to target the Healthcare and Public Health sector. This has been denounced by the US CISA, the FBI and the Department of the Treasury cybersecurity experts. The malware appears to be designed for manual execution by remote actors. They uses command-line interface to interact with the malicious code and to identify files to encrypt. The FBI assesses North Korean state-sponsored cyber actors have deployed Maui ransomware against Healthcare and Public Health Sector organizations. The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health. Because of this assumption, the FBI, CISA, and Treasury assess North Korean state-sponsored actors are likely to continue targeting HPH Sector organizations.