South Florida man first to be arrested and sentenced for ransomware-related crimes
A South Florida man is one of the first in the U.S. to be arrested and sentenced for ransomware-related crimes.
As an adjunct math professor at Miami Dade College, Raymond Uadiale earned glowing reviews on a website where students rate their professors. As a student, the Nigerian immigrant did well enough in his graduate school telecom and network studies at Florida International University that his GPA placed him among the top performers in his class.
Uadiale married, had two kids and landed a job with Microsoft in Seattle as a network engineer. He and his wife bought a $390,000, three bedroom house in 2017 in Maple Valley, Wash., about an hour south of Microsoft’s Redmond headquarters.
Last March, as the family got ready to start their day, Uadiale opened the front door around 7 a.m. to find at least a half-dozen FBI agents, some with weapons drawn, one with a twohanded door ram. They had a search warrant, patted down Uadiale, and as his kids played and then left with their mother, the agents searched the house. Uadiale sat on the living room couch as agents quizzed him about where he got his money and also talked soccer and gardening. They seized four computers, Amazon devices, thumb drives, tablets and Samsung phones.
Two months later, Uadiale was indicted in Miami on charges of laundering money for a ransomware operator based in England who tapped victims for nearly $100,000.
Court and public records show that Uadiale, now 41, was born in Nigeria and immigrated to the United States. He taught math and served as a tutor at Miami Dade College off and on from 2008 until last year, according to the college. Also in 2008, he finished a master’s in telecom and networking at Florida International University, according to a university spokeswoman. He became a U.S. citizen in 2011, and by 2012 was living in a Miami Gardens apartment.
It’s not clear how, but around that time he made contact via the internet with an individual in England who identified himself online only as “K!NG.” They would chat via the internet from fall 2012 to spring 2013.
K!NG — Uadiale said he never learned the man’s real name — was Zain Qaiser, according to authorities. Qaiser at the time would have been in his teens, but he was making, according to later British press reports, “tens of thousands of pounds” off victims of ransomware.
Qaiser acquired ad space on legal porn sites and placed ads containing malware on them, British media reported. Visitors who clicked on the ads unknowingly infected their computers with a particular strain of ransomware then making the rounds called Reveton. Reveton froze computer screens, falsely displayed law enforcement logos — of the FBI and myriad other agencies in other countries — and a message informing the computer users that they had violated the law and criminal proceedings would ensue unless they paid a fee.
The frozen screen had instructions to buy a specific company’s prepaid debit card, enter the account number on the frozen screen and thus pay the ransom. Qaiser hammered hundreds of victims and got them to part with several hundred dollars apiece, federal authorities say.
He enlisted Uadiale to launder the money. The scheme was complicated, but Qaiser would move the prepaid debit card money people paid as ransom onto other prepaid debit card accounts obtained by Uadiale. Federal authorities say Uadiale then would go to ATMs and other point-of-sale locations in Miami Gardens and elsewhere and turn the cards into cash. He kept 30% for himself and forwarded 70% of the proceeds to Qaiser via a digital currency platform.
Once, Qaiser advised Uadiale they had a lot of work coming because “the main locker guy infected 100k+ USA PCs.” (Locker is slang for ransomware.) When K!NG chatted about needing to make money, Uadiale responded, “Me, too, I need money so I can get wasted on my birthday.” All told, Uadiale, according to court proceedings, sent Qaiser $93,640.
Qaiser was arrested by English authorities and charged with blackmail, fraud and computer protection law violations. On his laptop, they found digital chats between Qaiser, as K!NG, and a “Mike Roland.” One of the chats included a reference to a Yahoo email address. Federal authorities got a warrant to look into that email account, which led them to Uadiale (aka Mike Roland), which in turn led them to the warrant to search Uadiale’s Washington house and seize his technology, where they found more chats with K!NG.
In announcing the case, the U.S. Attorney’s office said Uadiale laundered the money while a student at FIU. FIU, however, says he graduated in 2008 — years before the ransomware money laundering.
His attorney, David Joffe, said Uadiale was “living the American dream out there, and this past conduct came to bite him in the rear end.”
He lost his job at Microsoft. His wife, at last report, remained in Washington to pursue a nursing degree. He was charged with a single count of conspiracy to launder money and one actual count, each carrying a 20-year term. In a plea bargain, he pleaded guilty to the conspiracy charge.
“I agree I made a mistake,” he told federal judge William P. Dimitrouleas as he pleaded guilty last year. “But the best thing is I got married. I have two young kids I’m taking care of.” At his sentencing, he was hoping for probation. “I really plead to be able to go back and support my kids,” he said. “I don’t want them to be homeless or to be — to not have their father, if I’m not there with them. … I don’t want the mistake I made in my life to ruin their own future.”
Federal prosecutor W. Joss Nichols of the Justice Department’s computer crime and intellectual property section, told the judge that given his “clear intelligence,” Uadiale should have known better but “pure greed and gluttony” motivated him. Nichols said ransomware is a top five crime his section sees, with $1 billion in victim payments a year. But it’s so hard to track down perpetrators that Uadiale’s sentencing “is one of the first, if not the first, ransomware-related sentencing that has occurred in the United States.” Nichols told the judge, “this sentence today has the opportunity to make an announcement that ransomware is a serious crime. It causes serious harm. And those who would profit — seek to profit from the proceeds of ransomware victims — face serious consequences.”
Dimitrouleas sentenced Uadiale to 18 months in prison followed by three years of supervised release. Uadiale’s attorney, Joffe, has appealed the sentence as too severe for the crime and Uadiale’s lack of a criminal history.