The US government has secured the extradition of a suspected Russian hacker who allegedly served as the primary administrator of the massive Phobos ransomware operation.
Prosecutors announced Monday that Evgeny Putitsyn, 42, was recently extradited from South Korea and appeared in Maryland federal court on Nov. 4. Petitsyn is accused of managing the sale, distribution and operation of Phobos, a type of ransomware operation. Cybercriminals launch a cyberattack that extorts at least $16 million from more than 1,000 public and private victims worldwide.
The newly unsealed indictment reveals that these victims include a Maryland-based company that provided accounting and consulting services to federal agencies. Several Maryland-based health care providers. A law enforcement union based in New York. An Illinois-based contractor for the U.S. Department of Defense and the U.S. Department of Energy. and North Carolina-based Children's Hospital.
The unnamed companies listed in the indictment against Petitsyn paid ransoms ranging from $12,000 to $300,000, but one of the victims, an unnamed Maryland-based health care provider, Paid $2,300 to receive a decryption key to regain access to maliciously scrambled files.
According to the indictment, Petitsyn participated in Operation Phobos in 2020. Prosecutors allege that Petitsyn helped develop and distribute the ransomware to affiliated companies that worked as contractors to launch attacks using the ransomware.
Petitsyn and his co-conspirators promoted Phobos ransomware for free through posts on cybercrime forums, but charged affiliates approximately $300 to receive decryption keys to access data stolen from victims. It is said that he did.
In the indictment, federal authorities said they arrested Petitsyn in part because the decryption fees were transferred to a cryptocurrency wallet “owned and controlled by Petitsyn.”
Other cybercrime groups, such as 8Base, are known to use Phobos ransomware in their attacks.
“Evgeny Putitsyn allegedly extorted millions of dollars in ransoms from thousands of victims, and was the subject of law enforcement agencies around the world, from South Korea to Japan, Europe, and ultimately the world. Thanks to hard work and ingenuity, justice is now being served in the United States of America, “Baltimore, Maryland,'' Deputy U.S. Attorney Lisa Monaco said in her remarks.
Petitsyn is charged with conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud and abuse, and multiple counts of intentionally damaging and extorting a protected computer. If convicted, Petitsyn faces decades in prison.