The scam involved attempts to hire insiders to install DemonWare ransomware on their employer’s IT systems.
A Nigerian citizen, deemed a key suspect in the Ransom Your Employer scheme, was arrested Friday. Reportedly, through the scheme, the scammers deployed ransomware on employers’ systems.
According to a report from KrebsOnSecurity’s Brian Krebs, published on Nov 22, Oluwaseun Medayedupin was arrested by law enforcement authorities in Nigeria for his alleged connection to the infamous Ransom Your Employer scheme. The 23-year-old schemer is expected to be charged this week.
About Ransom Your Employer Scheme
KrebsOnSecurity’s Brian Krebs warned in August that scammers are unleashing ransomware inside their employer’s network and offering a percentage of the ransom amount paid by the employer in exchange.
Abnormal Security later investigated this scheme and reported that a cybersecurity firm’s customers received emails with the subject line Partnership affiliate offer. The recipient was asked to become an accomplice in a cyberattack and offered a 40% cut in an expected $2.5 million ransomware payment in Bitcoin.
For their share, the recipient had to install the DemonWare ransomware on their employer’s IT systems. Interested parties received an MS Outlook email