Phobos Ransomware Cyber Actor Update

After being deported from South Korea, a Russian cybercriminal leader has made his first appearance in the US District Court for the District of Maryland to face his charges. Evgenii Ptitsyn, 42, is a Russian national who allegedly administered the sale, distribution, and operation of Phobos ransomware, which has been used against more than 1,000 victims, including public and private entities in the United States and globally. According to the indictment, its affiliates have extorted ransom payments amounting to more than $16 million.

See: https://redskyalliance.org/xindustry/broker-offers-network-access-for-only-25

Ptitsyn and his affiliates conspired to participate in an international computer hacking and extortion scheme using ransomware, according to the Justice Department, which believes the activity began in at least November 2020. Along with his co-conspirators, Ptitsyn would offer access to the ransomware to other criminals, creating an operation in which affiliates would use unauthorized credentials to gain access to victims' computer networks, steal files and programs, and encrypt the original versions of the stolen data before installing and executing the Phobos ransomware. The affiliates would threaten to expose the stolen files to the public or the victim's clients, customers, or constituents if the ransom was not paid.

"Ptitsyn and his co-conspirators hacked not only large corporations but also schools, hospitals, nonprofits, and a federally recognized tribe, and they extorted more than $16 million in ransom payments," stated Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department's Criminal Division. "Ptitsyn's indictment, arrest, and extradition reflect the Criminal Division's commitment to leading the fight against the international scourge of ransomware."

Ptitsyn is charged in a 13-count indictment with wire fraud conspiracy, wire fraud, conspiracy to commit computer fraud and abuse, four counts of causing intentional damage to protected computers, and four counts of extortion in relation to hacking. If convicted, he faces a maximum penalty of 20 years in prison for each wire fraud count, 10 years for each computer hacking count, and five years for conspiracy to commit computer fraud and abuse.

This article is shared at no charge and is for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com

• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941

Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
