The US Division of Justice (DOJ) has unsealed legal expenses in opposition to two Russian nationals, alleged to have operated a cybercrime gang that used ransomware to focus on over 1000 American organisations.
Roman Berezhnoy and Egor Nikolaevich Glebov, 33 and 39 years previous respectively, are alleged to have extorted over US $16 million in ransom funds utilizing the Phobos ransomware.
Between Might 2019 and at the least October 2024, Roman Berezhnoy, Egor Nikolaevich Glebov, and others are alleged to have hit a variety of victims together with a kids’s hospital, well being care suppliers, and academic establishments with their cyber assaults and ransom calls for.
Berezhnoy, Glebov, and others are alleged to have run the Phobos ransomware affiliate operation variously referred to as names corresponding to “8Base” and “Affiliate 2803” – which left victims with their file encrypted, and a cryptocurrency ransom be paid to regain entry to their content material.
As is typical with many ransomware assaults, the legal scheme threatened that the sufferer’s stolen knowledge could be printed if a ransom was not paid.
Within the DOJ’s indictment in opposition to Berezhnoy and Glebov, it particulars how victims of the Phobos ransomware typically acquired a ransom demand of beneath US $100,000 – lower than the calls for made by different infamous ransomware teams.
Berezhnoy and Glebov have been arrested on Monday as a part of a coordinated operation which noticed multinational legislation enforcement businesses disrupt the operations of a cybercrime organisation, that additionally noticed the arrest of different suspects and the takedown of greater than 100 servers used within the Phobos scheme.
In February 2024, the FBI warned of the risk posed by Phobos, and shared particulars of the steps organisations may take to scale back the probabilities of falling foul of ransomware.
If convicted of the costs filed in opposition to them, Berezhnoy and Glebov face a possible sentence of a long time in jail.
One other Russian nationwide, Evgenii Ptitsyn, was just lately extradited to the US from South Korea to face expenses that he administered the sale, distribution, and operation of the Phobos ransomware.
Ptitsyn’s indictment underlined that it isn’t simply the biggest and wealthiest corporations who’re focused by ransomware operators – with one affiliate allegedly having efficiently extorted a ransom of simply US $2,300 out of a Maryland healthcare supplier.
