Man Arrested for Locking Thousands of Windows Devices in Ransomware Extortion Plot


Former Infrastructure Engineer Pleads Guilty to Locking Thousands of Windows Devices in Extortion Plot

In a shocking turn of events, a former core infrastructure engineer has admitted to orchestrating an extortion plot targeting his former employer, a prominent industrial company based in New Jersey.

The Plot Unfolds:

Daniel Rhyne, a 57-year-old from Kansas City, Missouri, remotely accessed the company’s network without permission between November 9 and November 25, 2023.

  • Rhyne allegedly scheduled tasks on the company’s Windows domain controller to delete network admin accounts and change passwords for 13 domain admin accounts and 301 domain user accounts to “TheFr0zenCrew!”
  • The changes affected 3,284 workstations and 254 servers, causing widespread disruption to the organization’s operations

According to court documents, forensic investigators discovered that Rhyne had conducted extensive research online prior to executing the plot, searching for information on clearing Windows logs, changing domain user passwords, and deleting domain accounts.
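
Scheduled-task creation, bulk password resets, account deletions and log clearing each leave a standard event in a domain controller's Security log (IDs 4698, 4724, 4726 and 1102). The following detection sketch is an added example, not taken from the court documents or the original article; it assumes the events have already been exported into dictionaries, and the field names, account names and thresholds are illustrative.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Security event IDs: task created, password reset attempt, account deleted, log cleared
TASK_CREATED, PASSWORD_RESET, ACCOUNT_DELETED, LOG_CLEARED = 4698, 4724, 4726, 1102

def find_mass_account_changes(events, window=timedelta(minutes=10), threshold=10,
                              lookback=timedelta(days=1)):
    """Alert on any subject that resets or deletes >= threshold distinct accounts
    inside one sliding window; attach task-creation and log-clearing context.
    events: dicts with time (datetime), id (int), subject (str), target (str or None)."""
    events = sorted(events, key=lambda e: e["time"])
    changes = defaultdict(list)
    for ev in events:
        if ev["id"] in (PASSWORD_RESET, ACCOUNT_DELETED):
            changes[ev["subject"]].append(ev)
    alerts = []
    for subject, evs in changes.items():
        start = 0
        for end in range(len(evs)):
            while evs[end]["time"] - evs[start]["time"] > window:
                start += 1  # slide the left edge so the span stays within `window`
            if len({e["target"] for e in evs[start:end + 1]}) < threshold:
                continue
            first = evs[start]["time"]
            alerts.append({
                "subject": subject,
                "first_seen": first,
                "total_targets": len({e["target"] for e in evs}),
                # Who registered scheduled tasks shortly before the burst began
                "tasks_created_by": sorted({e["subject"] for e in events
                                            if e["id"] == TASK_CREATED
                                            and first - lookback <= e["time"] <= first}),
                # Log clearing at or after the burst suggests an attempt to hide it
                "log_cleared": any(e["id"] == LOG_CLEARED and e["time"] >= first
                                   for e in events),
            })
            break  # one alert per subject is enough to open an investigation
    return alerts

# Constructed sample events (account names and times are invented, not from the case)
T0 = datetime(2024, 1, 1, 16, 0)
SAMPLE = [
    {"time": T0 - timedelta(hours=3), "id": PASSWORD_RESET, "subject": "helpdesk1", "target": "alice"},
    {"time": T0 - timedelta(minutes=30), "id": TASK_CREATED, "subject": "svc-infra", "target": None},
    {"time": T0 + timedelta(minutes=2), "id": LOG_CLEARED, "subject": "svc-infra", "target": None},
] + [{"time": T0 + timedelta(seconds=5 * i), "subject": "svc-infra", "target": f"user{i:03d}",
      "id": ACCOUNT_DELETED if i % 4 == 0 else PASSWORD_RESET} for i in range(12)]
```

A single help-desk reset stays below the threshold, while the burst from one account is reported together with the preceding task registration and the later log clearing.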

Rhyne was apprehended in Missouri on August 27, 2024, and subsequently appeared in federal court. The hacking and extortion charges to which he pleaded guilty carry a maximum penalty of 15 years in prison.

Lessons Learned:

This high-profile case serves as a stark reminder of the devastating consequences of insider threats and the importance of robust security measures to mitigate such risks.

  • Investigations into the case revealed that Rhyne had allegedly researched and prepared extensively before executing the plot, demonstrating a calculated and deliberate approach to the crime
  • The case highlights the critical need for organizations to implement robust security protocols, including multi-factor authentication, regular software updates, and employee background checks, to prevent and respond to such incidents

This incident is particularly significant because it involves an insider threat, which can often prove more challenging to detect than external attacks.

As the investigation unfolds, it remains to be seen what punishment the convicted individual will face, but the case undoubtedly serves as a warning to organizations and individuals alike about the severe consequences of engaging in such malicious activities.
