Netvora logo
Submit Startup Subscribe
Home About Contact Submit Startup Subscribe

Ransomware Suspect Charged in US for Attacks on Microsoft Exchange Servers

Comment

Ransomware Suspect Charged in US for Attacks on Microsoft Exchange Servers

Netvora May 2, 2025 at 04:50 PM Security
Ransomware Suspect Charged in US for Attacks on Microsoft Exchange Servers

Ransomware Suspect Charged in US for Attacks on Microsoft Exchange Servers

By Netvora Tech News

A 36-year-old man from Yemen has been charged in the United States for allegedly carrying out ransomware attacks on Microsoft Exchange servers of various organizations. According to authorities, the attacks affected not only American businesses but also schools and hospitals. The attacks, which used the Black Kingdom ransomware, infected an estimated 1,500 systems worldwide. The hackers exploited a well-known vulnerability in the Microsoft software, identified as CVE-2021-27065. In 2021, antivirus firm Kaspersky described the attacks as opportunistic. The attackers demanded $10,000 in bitcoin from victims in exchange for unlocking their files. The suspect is currently believed to be in Yemen, and if convicted in the US, faces up to five years in prison.

Exploiting a Known Vulnerability

The attacks exploited a vulnerability in the Microsoft Exchange software, which was first identified in 2021. The vulnerability, known as CVE-2021-27065, was a known issue that Microsoft had previously patched, but it appears that the attackers were able to exploit it to gain access to the affected systems.

A Global Problem

The attacks were not limited to the US, with victims reported in countries around the world. The global nature of the attacks highlights the need for international cooperation in responding to cyber threats.

The Consequences of Cybercrime

The consequences of cybercrime can be severe, with victims often forced to pay hefty ransoms to regain access to their data. In this case, the attackers demanded $10,000 in bitcoin, a significant amount for individuals and businesses alike.

The Investigation and Prosecution

The investigation into the attacks is ongoing, with authorities working to track down and prosecute those responsible. The charges against the suspect are a significant step forward in bringing those responsible to justice.

  • The attacks affected an estimated 1,500 systems worldwide.
  • The hackers exploited a vulnerability in the Microsoft Exchange software, identified as CVE-2021-27065.
  • The attackers demanded $10,000 in bitcoin from victims in exchange for unlocking their files.
  • The suspect is currently believed to be in Yemen.
  • If convicted in the US, the suspect faces up to five years in prison.

Comments (0)

Leave a comment

Back to homepage

You might also like