The US Division of Justice (DOJ) has unsealed felony expenses in opposition to two Russian nationals, alleged to have operated a cybercrime gang that used ransomware to focus on over 1000 American organisations.
Roman Berezhnoy and Egor Nikolaevich Glebov, 33 and 39 years outdated respectively, are alleged to have extorted over US $16 million in ransom funds utilizing the Phobos ransomware.
Between Could 2019 and a minimum of October 2024, Roman Berezhnoy, Egor Nikolaevich Glebov, and others are alleged to have hit a variety of victims together with a youngsters’s hospital, well being care suppliers, and academic establishments with their cyber assaults and ransom calls for.
Berezhnoy, Glebov, and others are alleged to have run the Phobos ransomware affiliate operation variously referred to as names resembling “8Base” and “Affiliate 2803” – which left victims with their file encrypted, and a cryptocurrency ransom be paid to regain entry to their content material.
As is typical with many ransomware assaults, the felony scheme threatened that the sufferer’s stolen information could be revealed if a ransom was not paid.
Within the DOJ’s indictment in opposition to Berezhnoy and Glebov, it particulars how victims of the Phobos ransomware usually obtained a ransom demand of beneath US $100,000 – lower than the calls for made by different infamous ransomware teams.
Berezhnoy and Glebov had been arrested on Monday as a part of a coordinated operation which noticed multinational regulation enforcement businesses disrupt the operations of a cybercrime organisation, that additionally noticed the arrest of different suspects and the takedown of greater than 100 servers used within the Phobos scheme.
In February 2024, the FBI warned of the risk posed by Phobos, and shared particulars of the steps organisations might take to cut back the probabilities of falling foul of ransomware.
If convicted of the costs filed in opposition to them, Berezhnoy and Glebov face a possible sentence of many years in jail.
One other Russian nationwide, Evgenii Ptitsyn, was lately extradited to the USA from South Korea to face expenses that he administered the sale, distribution, and operation of the Phobos ransomware.
Ptitsyn’s indictment underlined that it’s not simply the most important and wealthiest firms who’re focused by ransomware operators – with one affiliate allegedly having efficiently extorted a ransom of simply US $2,300 out of a Maryland healthcare supplier.
