A Yemeni national, Rami Khaled Ahmed, has been indicted by the United States for his role in operating the βBlack Kingdomβ ransomware, targeting Microsoft Exchange servers in 1,500 attacks. The ransomware exploited vulnerabilities in the servers, demanding ,000 in Bitcoin as ransom. If convicted, Ahmed could face up to 15 years in prison.
Keypoints :
- 36-year-old Rami Khaled Ahmed is the primary operator of the Black Kingdom ransomware.
- Ahmed deployed the ransomware on 1,500 computers, demanding ransom payments of ,000 in Bitcoin.
- Attacks occurred from March 2021 to June 2023, affecting various U.S. organizations, including medical services and educational institutions.
- Black Kingdom ransomware exploited Microsoft Exchange vulnerabilities, particularly the ProxyLogon flaws.
- Charges against Ahmed include conspiracy, intentional damage to a protected computer, and threats of damage.
- If convicted, Ahmed faces a maximum penalty of 15 years in federal prison.
- Ahmed is believed to be residing in Yemen at this time.