Suspect arrested in 'ransom your employer' criminal scheme

A Nigerian man has been arrested in connection to a scheme attempting to lure insiders to deploy ransomware on employer systems.

On November 22, security expert Brian Krebs reported that the man, Oluwaseun Medayedupin, was arrested by Nigerian authorities on Friday. 

The suspect is allegedly linked to a ‘ransom your employer’ scheme investigated by Abnormal Security in August. 

Customers of the cybersecurity firm were sent emails with the subject “Partnership affiliate offer,” requesting that the recipient considered becoming an accomplice in a cyberattack. 

The emails offered a 40% cut of an anticipated $2.5 million ransomware payment in Bitcoin (BTC), made after the recipients installed the DemonWare ransomware on their employer’s systems. 

A Microsoft Outlook email address and Telegram handle were provided for interested parties. Abnormal Security researchers reached out under the guise of a fictional person and confirmed they were sent a ransomware executable hosted on two file-sharing websites.

However, the ransomware ‘cut’ on offer was reduced to between $120,000 — $250,000 once the team began communicating with the scheme’s operator.   

The team suspected the ransomware initiative may be of Nigerian origin. When queried, the threat actor said he was attempting to build a social network for Africa called Sociogram

Read More: