Skip to main content
Press Release

Washington State Man Sentenced to Prison for Role in Connection with Reveton Ransomware

For Immediate Release
Office of Public Affairs

A former Microsoft employee was sentenced today to 18 months in prison after pleading guilty to conspiracy to commit money laundering in connection with the spread of a particular type of ransomware commonly referred to as Reveton. 

Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney Benjamin C. Greenberg for the Southern District of Florida and Special Agent in Charge Matthew J. DeSarno of the FBI Washington Field Office’s Criminal Division made the announcement. 

Raymond Odigie Uadiale, 41, of Maple Valley, Washington, was sentenced by U.S. District Court Judge William P. Dimitrouleas for the Southern District of Florida following his June 4 guilty plea.  The indictment charged Uadiale with one count of conspiracy to commit money laundering and one count of substantive money laundering.  As part of the plea agreement, the government dismissed the substantive count.  In addition to his prison sentence, Uadiale was also sentenced to three years of supervised release.

According to the factual proffer filed in connection with the plea agreement, Uadiale helped to “cash out” the payments of victims whose computers were infected with Reveton, a type of ransomware that displayed a splash screen on the victim’s computer with the logo of a law enforcement organization.  The splash screen would include a message falsely telling the victim that the law enforcement organization had found illegal material on the infected computer and required the payment of a “fine” to regain access to the computer and its data.  The ransomware directed the victim to purchase a GreenDot MoneyPak and enter the account number into a form on the splash screen.  Using prepaid debit cards, Uadiale transformed the MoneyPak funds into cash, kept a portion for himself, and sent a portion back to Reveton’s distributor, who resided in the United Kingdom.

“By cashing out and then laundering victim payments, Raymond Uadiale played an essential role in an international criminal operation that victimized unsuspecting Americans by infecting their computers with malicious ransomware,” said Assistant Attorney General Benczkowski.  “This conviction and sentence is another demonstration of the Department of Justice’s commitment to prosecuting cybercriminals and shutting down the networks they use to launder their criminal proceeds.  We are grateful for the outstanding collaboration of our U.S. and international law enforcement partners in this successful investigation.”

“This was a sophisticated scheme to conceal the proceeds of a particularly insidious type of ransomware,” said U.S. Attorney Greenberg.  “By claiming to originate from law enforcement agencies, Reveton not only victimized computer users, it also exploited the agencies in whose names the ransomware claimed to be acting.  Today’s sentence demonstrates that those who seek to profit from the spread of such malicious software face serious consequences.”

According to court documents, Uadiale used the digital currency platform Liberty Reserve to transfer approximately 70 percent of the ransomware proceeds back to the ransomware distributor.  Between October 2012 and March 27, 2013, while he was a graduate student at Florida International University, Uadiale sent approximately $93,640 in Liberty Reserve dollars to his co-conspirator as part of their scheme.  Public records show that Uadiale was hired by Microsoft as a network engineer after the conspiracy charged in the indictment ended.

The case was investigated by the FBI, with assistance from the U.K.’s National Crime Agency, and was prosecuted by Assistant U.S. Attorney Jared M. Strauss of the Southern District of Florida and Senior Counsel W. Joss Nichols of the Criminal Division’s Computer Crime and Intellectual Property Section, with assistance from the U.S. Attorney’s Offices for the Eastern District of Virginia and the Western District of Washington.       

Updated August 13, 2018

Topic
Cybercrime
Press Release Number: 18-1045