Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt
A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer.
Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud.
He was arrested in the state on August 27, 2024, following an attempt to extort an unnamed industrial company that's headquartered in Somerset County, New Jersey, where he was employed as a core infrastructure engineer.
Per court documents, some employees of the company are said to have received an extortion email that warned all of its IT administrators had been locked out or removed from the network, data backups had been deleted, and an additional 40 servers would be shut down each day over the next 10 days if a ransom of 20 bitcoin, then valued at $750,000, wasn't paid.
"The investigation revealed that Rhyne gained unauthorized access to the company's computer systems by remotely accessing the company administrator account," the U.S. Department of Justice (DoJ) said.
Recommended by LinkedIn
"Rhyne then, without authorization, scheduled several computer tasks to be carried out on the network, including changing the company administrator passwords and shutting down its servers. Rhyne controlled the email address used to send the November 25 extortion email to the company's employees."
Rhyne is believed to have used Windows' net user and Sysinternals Utilities' PsPasswd tool to modify the domain and local administrator accounts and change the passwords to "TheFr0zenCrew!," prosecutors claimed in court documents.
Authorities said the defendant allegedly used a hidden virtual machine to remotely access an admin account that was not only traced back to his company-issued laptop, but also to search the web for details on how to use the command-line to change the local administrator password and clear Windows logs.
Rhyne, who made his initial appearance on the same day of his arrest, faces a maximum penalty of 35 years in prison and a $750,000 fine for all three charges.
BSc | MSc | Cyber Security Analyst -SOC| CompTIA Sec+ Certified | ICS/OT Security Expert (OOSE) | OEHE | Armis Certified |Proofpoint Certified | Crowdstrike | SentinelOne | Splunk | IBM QRadar
4moThis really doesn't look realistic; I think the guy was just acting a film.
Consulting services only
4moI hope this guy goes to jail. There must be an easier way to make money. Daniel had a plan. It just wasn't a good plan. What an idiot.
Visionary Cybersecurity Management Executive | AI Enthusiast | Enterprise Information Technology Systems Security Architect | Strategic Governance | Global Team Leader | Defender of Critical Infrastructure | 30+ Years
4moThis individual's actions were not just foolish but also deeply misguided. The fact that he thought he could extort his former employer for such a large sum without getting caught shows a lack of understanding of how easily digital trails can be traced. While he certainly deserves consequences, 35 years of prison time for a non-violent offense seems excessive. Fines and extensive community service would be more appropriate forms of punishment, serving as effective deterrents without resorting to incarceration. Prison should be reserved for those who pose a physical threat to society. Here, no one was physically harmed, and the threat, though serious, was not violent. This also highlights the flaws in the concept of corporate personhood. Equating financial harm to a corporation with physical harm to people distorts our sense of justice. Treating corporations as people in these contexts often results in overly harsh penalties that prioritize corporate protection over fair and just punishment. We need to ensure that our justice system reflects the actual harm caused, not the interests of entities that aren't truly equivalent to people.