A man received a prison sentence for his part in helping to “cash out” ransom payments made by victims of a specific ransomware family.
On 13 August, the U.S. Department of Justice (DOJ) announced the sentencing of Raymond Odigie Uadiale, 41, of Maple Valley, Washington to 18 months in jail and three years of supervised release.
This ruling came after Uadiale pleaded guilty to one count of conspiracy to commit money laundering in connection with a ransomware scheme. In exchange for his plea, the U.S. government dismissed one count of substantive money laundering.
According to court documents, Uadiale helped convert the ransom payments made by victims of Reveton ransomware from MoneyPak funds into cash. Uadiale kept a portion of the ransomware proceeds for himself. He then transferred upwards of 70 percent of the ransom payments to Reveton’s distributor, who lived in the United Kingdom.
Between October 2012 and 27 March 2013, the Washington State resident transferred $93,640 via the Liberty Reserve digital currency platform to his co-conspirator. Uadiale later got a job with Microsoft as a network engineer after he ceased his participation in the Reveton scheme.
Brian A. Benczkowski, Assistant Attorney General of the Justice Department’s Criminal Division, feels the sentence is an appropriate response to Uadiale’s crimes. As quoted in a DOJ press release:
By cashing out and then laundering victim payments, Raymond Uadiale played an essential role in an international criminal operation that victimized unsuspecting Americans by infecting their computers with malicious ransomware. This conviction and sentence is another demonstration of the Department of Justice’s commitment to prosecuting cybercriminals and shutting down the networks they use to launder their criminal proceeds. We are grateful for the outstanding collaboration of our U.S. and international law enforcement partners in this successful investigation.
This isn’t the first time that law enforcement has caught up with ransomware actors. In the spring of 2017, Japanese authorities arrested a 14-year-old teen for allegedly creating and spreading ransomware.
The best way organizations and users can protect themselves against ransomware is by preventing an infection in the first place. Here are some recommendations towards that end.