Saturday, December 7, 2024
HomeCyber Security NewsPhobos Ransomware Admin as Part of International Hacking Operation

Phobos Ransomware Admin as Part of International Hacking Operation

Published on

SIEM as a Service

The U.S. Department of Justice unsealed criminal charges today against Evgenii Ptitsyn, a 42-year-old Russian national accused of being a key figure in the notorious Phobos ransomware syndicate.

Ptitsyn was extradited from South Korea and made his initial appearance in the U.S. District Court for the District of Maryland on November 4.

Phobos ransomware has been linked to over 1,000 cyberattacks on public and private entities worldwide, resulting in more than $16 million in ransom payments from victims, according to prosecutors.

- Advertisement - SIEM as a Service

The ransomware specifically targeted critical sectors, including schools, hospitals, government agencies, and businesses, leaving a trail of encrypted data and financial devastation.

Maximizing Cybersecurity ROI: Expert Tips for SME & MSP Leaders – Attend Free Webinar

Deputy Attorney General Lisa Monaco emphasized the collaborative effort in Ptitsyn’s capture: “Thanks to the tireless work of law enforcement agencies across multiple countries, we’ve brought an alleged cybercriminal to justice.”

Monaco highlighted the importance of international partnerships in combating the growing ransomware threat.

Phobos Ransomware’s Global Reach

According to the report from the US Dep. of. Justice, Ptitsyn, operating under online pseudonyms such as “derxan” and “zimmermanx,” allegedly coordinated the sale and distribution of Phobos ransomware to criminal affiliates.

These affiliates would infiltrate victim networks, steal sensitive data, and encrypt files, demanding large ransom payments for decryption keys. Failure to pay often led to threats of public exposure of the stolen files.

Principal Deputy Assistant Attorney General Nicole M. Argentieri stressed the scale of the operation: “Ptitsyn and his co-conspirators extorted millions from victims globally. This indictment reflects our unwavering commitment to holding ransomware actors accountable.”

Ptitsyn faces a 13-count indictment, including charges of wire fraud conspiracy, computer fraud, and extortion.

If convicted, he could face up to 20 years in prison for each count of wire fraud and 10 years for each hacking-related charge. A federal judge will determine sentencing based on U.S. Sentencing Guidelines.

The FBI’s Baltimore Field Office has spearheaded the investigation, with international law enforcement agencies from South Korea, Europe, and beyond playing pivotal roles in Ptitsyn’s arrest and extradition.

This case marks a critical victory in the U.S. government’s ongoing fight against global cybercrime.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN -> Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...