Ransomware, Threat Intelligence

Alleged Black Kingdom hacker indicted over massive Exchange Server breach


The U.S. Justice Department has pressed charges against Yemeni national Rami Khaled Ahmed over his alleged participation in global Black Kingdom ransomware attacks targeted at Microsoft Exchange Servers impacted by the ProxyLogon vulnerability between March 2021 and June 2023, reports The Hacker News.

Numerous U.S. organizations, including an Encino-based medical billing services firm, a Wisconsin-based health clinic, a Pennsylvanian school district, and an Oregon-based ski resort, were compromised in the intrusions, which lasted for more than two years, according to the Justice Department, which noted that Ahmed could be jailed for up to 15 years if convicted. Black Kingdom, also known as Pydomer, has also been leveraged in attacks exploiting the Pulse Secure VPN flaw tracked as CVE-2019-11510, and Sophos researchers have noted it to be a less sophisticated ransomware operation. The indictment comes after Ukrainian national Artem Stryzhak was indicted over his role in Nefilim ransomware attacks.
