The US Division of Justice (DOJ) has unsealed felony fees towards two Russian nationals, alleged to have operated a cybercrime gang that used ransomware to focus on over 1000 American organisations.
Roman Berezhnoy and Egor Nikolaevich Glebov, 33 and 39 years previous respectively, are alleged to have extorted over US $16 million in ransom funds utilizing the Phobos ransomware.
Between Might 2019 and at the least October 2024, Roman Berezhnoy, Egor Nikolaevich Glebov, and others are alleged to have hit a variety of victims together with a youngsters’s hospital, well being care suppliers, and academic establishments with their cyber assaults and ransom calls for.
Berezhnoy, Glebov, and others are alleged to have run the Phobos ransomware affiliate operation variously referred to as names resembling “8Base” and “Affiliate 2803” – which left victims with their file encrypted, and a cryptocurrency ransom be paid to regain entry to their content material.
As is typical with many ransomware assaults, the felony scheme threatened that the sufferer’s stolen knowledge could be revealed if a ransom was not paid.
Within the DOJ’s indictment towards Berezhnoy and Glebov, it particulars how victims of the Phobos ransomware usually acquired a ransom demand of beneath US $100,000 – lower than the calls for made by different infamous ransomware teams.
Berezhnoy and Glebov had been arrested on Monday as a part of a coordinated operation which noticed multinational regulation enforcement businesses disrupt the operations of a cybercrime organisation, that additionally noticed the arrest of different suspects and the takedown of greater than 100 servers used within the Phobos scheme.
In February 2024, the FBI warned of the menace posed by Phobos, and shared particulars of the steps organisations might take to scale back the possibilities of falling foul of ransomware.
If convicted of the costs filed towards them, Berezhnoy and Glebov face a possible sentence of a long time in jail.
One other Russian nationwide, Evgenii Ptitsyn, was lately extradited to the USA from South Korea to face fees that he administered the sale, distribution, and operation of the Phobos ransomware.
Ptitsyn’s indictment underlined that it’s not simply the biggest and wealthiest firms who’re focused by ransomware operators – with one affiliate allegedly having efficiently extorted a ransom of simply US $2,300 out of a Maryland healthcare supplier.
