"A 47-year-old man arrested by police in Poland for allegedly being involved in cybercriminal activities has been linked to the Phobos ransomware operation. According to Poland's Central Cybercrime Bureau, officers found hacking tools, credentials, payment card numbers, and server IP addresses on the unnamed suspect's devices during a search. They also discovered that the suspect had exchanged messages with the Phobos ransomware group."
"The international law enforcement operation involved infrastructure takedowns and the arrests of several Russian nationals believed to have been key members and affiliates of the cybercrime gang. One suspect, accused of selling, distributing, and operating the Phobos ransomware, was extradited from South Korea to the US in late 2024. According to authorities, more than 1,000 organizations around the world have been targeted in Phobos ransomware attacks and the cybercriminals are believed to have obtained over $16 million in ransom payments."
Polish authorities arrested a 47-year-old suspect linked to the Phobos ransomware operation. Officers found hacking tools, credentials, payment card numbers, and server IP addresses on the suspect's devices and discovered exchanged messages with the Phobos group. Authorities indicated the suspect may have been an affiliate rather than an operator. Phobos emerged in 2019 as a ransomware-as-a-service and prompted a U.S. warning to critical infrastructure in early 2024. International law enforcement actions included infrastructure takedowns, arrests of several Russian nationals, and an extradition from South Korea; authorities estimate over 1,000 victims and more than $16 million in ransoms.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]