Former Microsoft engineer sent behind bars for role in ransomware extortion scheme

The engineer was neck-deep in laundering proceeds from Reveton ransomware victims.
Written by Charlie Osborne, Contributing Writer

A former Microsoft engineer has been given an 18-month prison sentence after being found guilty of laundering money acquired from Reveton ransomware victims.

The US Department of Justice (DoJ) said on Tuesday that Raymond Odigie Uadiale, 41, of Maple Valley, Washington, pleaded guilty to "cashing out" payments made by victims of Reveton.

The ransomware in question executes on PCs and encrypts system files. A message is then shown on the home screen which claims that the user has violated federal law and downloaded illegal content.

As the message utilizes the FBI logo, users may be frightened enough to pay the "fine" in order to regain access to their PC.

CNET: Amazon and Microsoft bring Alexa and Cortana to each other's devices

This tactic appears to have worked well for the Reveton operators, who demanded that victims pay by way of a GreenDot MoneyPak -- as at the time, in 2012 to 2013, Bitcoin (BTC) was not a common payment method.

Once purchased, victims would be instructed to enter the account number into the 'FBI' home screen.

According to the indictment filed with the engineer's plea agreement, acquired by Bleeping Computer, Uadiale then laundered the MoneyPak funds into cash by using prepaid debit cards.

The engineer kept a percentage as payment and then sent the rest on to a Reveton ransomware operator known as "K!NG." According to prosecutors, the distributor -- of whom Uadiale sent $93,640 in Liberty Reserve dollars -- was based in the United Kingdom.

TechRepublic: Why Microsoft's free version of Teams could help it better compete with Slack

Uadiale pleaded guilty on June 4 and was sentenced in a Florida court on one count of conspiracy to commit money laundering. As part of a plea agreement, an additional count of substantive money laundering was dropped.

In addition to his 18-month sentence, the former Microsoft engineer has been given three years of supervised release.

See also: Apple macOS vulnerability paves the way for system compromise with a single click

"This was a sophisticated scheme to conceal the proceeds of a particularly insidious type of ransomware," said US Attorney Benjamin Greenberg. "By claiming to originate from law enforcement agencies, Reveton not only victimized computer users, it also exploited the agencies in whose names the ransomware claimed to be acting. Today's sentence demonstrates that those who seek to profit from the spread of such malicious software face serious consequences."

It is important to note, however, that Uadiale was not in the employ of Microsoft at the time of the scheme. Instead, the engineer was a graduate student at Florida International University between 2012 and 2013, the time in which Reveton made the rounds.

North Korea's history of bold cyber attacks

Previous and related coverage

Editorial standards