Employee pleads not guilty, free on $100,000 bond

Apr 16, 2018 08:35 GMT  ·  By

41-year-old Microsoft engineer Raymond Uadiale is accused of playing a key role in a series of ransomware attacks that generated approximately $130,000 from victims who agreed to pay for the decryption key and have their data unlocked.

Uadiale, who is a Microsoft employee since 2014, worked together with an individual known as K!NG and based in the United Kingdom, between October 2012 and March 2013. K!NG was responsible for infecting computers with Reveton ransomware, while the now-Microsoft employee was in charge of obtaining prepaid debit cards that were used in the scheme.

K!NG used GreenDot MoneyPak prepaid cards to collect the ransom, and victims were required to enter the code in the ransomware UI on their computers. The hacker then transferred the funds obtained from their targets to prepaid debit cards which Uadiale procured under the name of Mike Roland.

Uadiale never met the hacker

The Reveton ransomware used the FBI and NSA logos to inform victims that their computers were locked because of suspicion of illegal content downloading and distribution. Using logos of several state departments and bureaus tricked victims into thinking they were indeed dealing with a legitimate block, and it’s believed this was one of the reasons that convinced several to pay the ransom.

Out of the $130,000 made with the ransomware, Uadiale received 30 percent, while K!NG got the other 70 percent, court documents show.

Microsoft is reportedly aware of the case and Uadiale’s lawyer says everything happened for a very short period of time and his client now “is extremely responsible and cooperative in this case.”

The Nigerian man, who in the meantime became a US citizen, is now facing federal charges for money laundering and conspiracy. He pleaded not guilty to both in a federal court in Fort Lauderdale, Florida, and is currently free on a $100,000 bond.

This is what the Reveton ransomware looks like on a compromised system

Photo Gallery (2 Images)

Uadiale started working for Microsoft in 2014
This is what the Reveton ransomware looks like on a compromised system
Open gallery