A Russian man was extradited to the US for administering the Phobos ransomware

19 November 2024 2 minutes Author: Newsman

Russian Evgeny Ptitsyn, the alleged administrator of Phobos ransomware, was extradited to the United States from South Korea. He is charged with 13 felony counts, including wire fraud, computer hacking and extortion.

Phobos ransomware, which operated on a “ransomware-as-a-service” (RaaS) scheme, collected about $16 million from more than 1,000 victims worldwide. Administrators sold access to the software through darknet forums and messengers, recruiting affiliates for the attacks. Affiliated members of Phobos, unlike the more technically advanced Clop or Black Basta groups, used a “spray and pray” method, attacking many targets with low ransom demands (up to $2000). Pticin, known by the aliases “derxan” and “zimmermanx”, managed cryptocurrency wallets through which payments were made. Hospitals, municipalities and critical institutions became the victims of Phobos. For each case of fraud, Ptitsyn faces up to 20 years in prison.

Phobos ransomware was created to attack less secure organizations, including small businesses and local government agencies. Its popularity among cybercriminals is explained by the low technical requirements for use and the simplicity of operations. In 2024, the activity of Phobos decreased significantly after the arrest of its administrator.

The arrest of Yevhen Ptitsyn is an important step in the fight against “ransomware-as-a-service” schemes. This confirms the effectiveness of international cooperation in the field of cyber security and demonstrates that even years later, criminals can be brought to justice.

Other related articles
Found an error?
If you find an error, take a screenshot and send it to the bot.