Search
Close this search box.

Bitcoin Extortion Mississippi Case

SHARE

Bitcoin Extortion Mississippi

SHARE

Table of Contents

  • Daniel Rhyne carried out an attack on his former employer’s company infrastructure
  • Using an administrator account, he blocked other accounts and servers at the company
  • He demanded 20 Bitcoins to stop the attack
  • The attacker was caught and is now awaiting trial

A 57-year-old man from Missouri was arrested for attempting to extort and threatening to damage the infrastructure of his former employer’s company.

He demanded 20 Bitcoins to stop during which he infiltrated the system as an administrator with privileged rights and performed account and servers lockdowns, and data corruption.

Features of Bitcoin Extortion Mississippi Case

Daniel Rhyne from Kansas City, Missouri, was charged with threats to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud.

The case does not disclose the name of the company, headquartered in Somerset County, New Jersey, but it is known that Daniel Rhyne worked there as a core infrastructure engineer, which gave him a good idea of the company infrastructure and how to take exploit it.

He was arrested on August 27, 2024, and is now only facing charges, but the expected punishment is 35 years in prison and a $750,000 fine.

Technical Features of the Bitcoin Extortion Mississippi Attack

According to court documents, employees received emails where in an exchange of threats, among them:

  • All of its IT administrators were blocked or removed from the network
  • Data backups will be deleted and 40 servers will be shut down every day for the next 10 days.
  • To prevent this the attacker demanded 20 Bitcoins

To do this, the attacker remotely accessed the network administrator’s account with elevated privileges, changed the other accounts’ passwords so that no one could log in and fix the problem, and then created a series of sleeper commands that he used to carry out the previously announced threats.

“Rhyne controlled the email address used to send the November 25 extortion email to the company’s employees. Rhyne is believed to have used Windows’ net user and Sysinternals Utilities’ PsPasswd tool to modify the domain and local administrator accounts and change the passwords to ‘TheFr0zenCrew!’,” the U.S. Department of Justice (DoJ).”

His big mistake, however, was using the laptop the company gave him, and furthermore, searching it for the information he needed to carry out the attack, completely compromising himself.

DoJ claims they discovered a hidden virtual machine for dedicated access to the admin account, and the attacker was immediately identified, with all evidence found on the laptop.

Conclusion

Just recently, we wrote about how cryptocurrency is being misused and becoming the main means of payment for attacks, tools, and other elements of cybercrime.

Of course, this is not the kind of news that crypto enthusiasts would like to see, but it is a reminder once again of the power of the double-edged sword of crypto security and anonymity capabilities.

Join our Legends Community Today!
Gain access to exclusive insights, trading setups 
and daily market reports.

SHARE

Picture of Ermes Adriano

Ermes Adriano

My name is Ermes, and I am a staunch advocate of Web3 principles and technologies. I'm happy to contribute to educating people about what's happening in the crypto industry, especially the developments in blockchain technology that make it all possible, and how it affects global politics and regulation.

Related Post

Buy / Sell Bitcoin

Rating: 90%

Conveniently buy/sell Bitcoin with EUR

binance

Rating: 85%

World’s largest crypto exchange

Our Favourite Trading Platforms

bybit-logo

Rating: 98%

Claim up to $30,050 in Bonus

100x Leverage

Rating: 90%

Get  20,000USDT in Bonus

Rating: 80%

Get up to  $8,100 in Welcome Bonus

Follow Us