{"id":6306,"date":"2024-11-19T12:09:26","date_gmt":"2024-11-19T18:09:26","guid":{"rendered":"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/phobos-ransomware-cybercriminal-extradited-south-korea"},"modified":"2024-11-19T12:09:26","modified_gmt":"2024-11-19T18:09:26","slug":"phobos-ransomware-cybercriminal-extradited-from-south-korea","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/11\/19\/phobos-ransomware-cybercriminal-extradited-from-south-korea\/","title":{"rendered":"‘Phobos’ Ransomware Cybercriminal Extradited From South Korea"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

After being extradited from South Korea, a Russian cybercriminal leader has made his first appearance in the US District Court for the District of Maryland to face his charges.<\/span><\/p>\n

Evgenii Ptitsyn, 42, is a Russian national who allegedly administered the sale, distribution, and operation of <\/span>Phobos ransomware<\/a><\/span>, which has been used against more than 1,000 victims, including public and private entities in the United States and globally. Using Phobos ransomware, its affiliates have extorted ransom payments amounting to more than $16 million, according to the indictment.<\/span><\/p>\n

Ptitsyn and his affiliates conspired to partake in an international computer hacking and extortion scheme using the ransomware, according to the Justice Department, which believes the activity to have begun in at least November 2020.<\/span><\/p>\n

Along with his co-conspirators, Ptitsyn would offer <\/span>access to the ransomware to other criminals<\/a><\/span>, creating an operation in which affiliates would use unauthorized credentials to gain access into victims’ computer networks, steal files and programs, and encrypt the original versions of the stolen data before installing and executing the Phobos ransomware. The affiliates would threaten to expose the stolen files to the public or the victim’s clients, customers, or constituents if the ransom was not paid.<\/span><\/p>\n

“Ptitsyn and his co-conspirators hacked not only large corporations, but also schools, hospitals, nonprofits, and a federally recognized tribe, and they extorted more than $16 million in ransom payments,” <\/span>stated<\/a><\/span> Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Ptitsyn’s indictment, arrest, and extradition reflect the Criminal Division’s commitment to leading the fight against the international scourge of ransomware.”<\/span><\/p>\n

Charged in a 13-count indictment with wire fraud conspiracy, wire fraud, conspiracy to commit computer fraud and abuse, four counts of causing intentional damage to protected computers, and four counts of extortion in relation to hacking, Ptitsyn will face a maximum penalty of 20 years in prison for each wire fraud count, 10 years for each computer hacking count, and five years for conspiracy to commit computer fraud and abuse, if he is convicted.<\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

After being extradited from South Korea, a Russian cybercriminal leader<\/p>\n","protected":false},"author":12,"featured_media":6307,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-6306","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=1800%2C1013&ssl=1",1800,1013,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=1800%2C1013&ssl=1",1800,1013,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/phobos-ransomware-cybercriminal-extradited-from-south-korea.jpg?fit=1800%2C1013&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=6306"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6306\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/6307"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=6306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=6306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=6306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}