The US Division of Justice (DOJ) has unsealed prison costs towards two Russian nationals, alleged to have operated a cybercrime gang that used ransomware to focus on over 1000 American organisations.
Roman Berezhnoy and Egor Nikolaevich Glebov, 33 and 39 years previous respectively, are alleged to have extorted over US $16 million in ransom funds utilizing the Phobos ransomware.
Between Could 2019 and at the very least October 2024, Roman Berezhnoy, Egor Nikolaevich Glebov, and others are alleged to have hit a variety of victims together with a kids’s hospital, well being care suppliers, and academic establishments with their cyber assaults and ransom calls for.
Berezhnoy, Glebov, and others are alleged to have run the Phobos ransomware affiliate operation variously known as names reminiscent of “8Base” and “Affiliate 2803” – which left victims with their file encrypted, and a cryptocurrency ransom be paid to regain entry to their content material.
As is typical with many ransomware assaults, the prison scheme threatened that the sufferer’s stolen information can be revealed if a ransom was not paid.
Within the DOJ’s indictment towards Berezhnoy and Glebov, it particulars how victims of the Phobos ransomware usually acquired a ransom demand of underneath US $100,000 – lower than the calls for made by different infamous ransomware teams.
Berezhnoy and Glebov had been arrested on Monday as a part of a coordinated operation which noticed multinational legislation enforcement businesses disrupt the operations of a cybercrime organisation, that additionally noticed the arrest of different suspects and the takedown of greater than 100 servers used within the Phobos scheme.
In February 2024, the FBI warned of the threat posed by Phobos, and shared particulars of the steps organisations may take to cut back the probabilities of falling foul of ransomware.
If convicted of the fees filed towards them, Berezhnoy and Glebov face a possible sentence of a long time in jail.
One other Russian nationwide, Evgenii Ptitsyn, was not too long ago extradited to the United States from South Korea to face costs that he administered the sale, distribution, and operation of the Phobos ransomware.
Ptitsyn’s indictment underlined that it’s not simply the biggest and wealthiest firms who’re focused by ransomware operators – with one affiliate allegedly having efficiently extorted a ransom of simply US $2,300 out of a Maryland healthcare supplier.
