Yesterday it became known that 42-year-old Evgeny Ptitsyn was extradited from South Korea to appear in federal court in Maryland. He is accused of administering a massive extortion operation using the Phobos malware. It is alleged that the cyberattacks organized by Ptitsyn caused damage in the amount of at least $16 million. More than a thousand government organizations and individuals around the world became victims of the cybercriminal.
According to the newly unsealed indictment, the cybercriminal’s victims include a consulting company and several healthcare providers from Maryland, a law enforcement union from New York, a US Department of Defense and US Department of Energy contractor from Illinois, and a children’s hospital from North Carolina. The prosecution believes that Ptitsyn joined cybercriminals back in 2020 and has since been actively involved in the development and distribution of the virus. They also advertised Phobos ransomware on cybercrime forums.
The unnamed companies named in the indictment paid ransoms ranging from $12,000 to $300,000 to obtain the key to regain access to files encrypted by the ransomware. The prosecution confirms Ptitsyn’s involvement by the fact that funds for decryption were transferred to a cryptocurrency wallet “in the possession and control of Ptitsyn”.
Ptitsyn is charged with conspiracy to commit wire fraud and wire crimes, conspiracy to commit computer fraud and abuse, and multiple counts of malicious damage to protected computers and extortion. If convicted, he faces decades in prison.
“Evgeniy Ptitsyn extorted millions of dollars in ransom from thousands of victims and is now brought to justice in the United States thanks to the hard work and ingenuity of law enforcement agencies around the world – from the Republic of Korea to Japan, Europe and finally Baltimore, Maryland.”said US Deputy Attorney General Lisa Monaco.
Other cybercriminal groups, including 8Base, are also known to have used Phobos ransomware in their attacks.
If you notice an error, select it with the mouse and press CTRL+ENTER.