If this holds true, we should be happy and we should also charge people the same way.
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States.
Phobos is a long-running ransomware-as-a-service (RaaS) operation (derived from the Crysis ransomware family) widely distributed through many affiliates. Between May 2024 and November 2024, it accounted for roughly 11% of all submissions to the ID Ransomware service.
The Justice Department has linked the Phobos ransomware gang to breaches of over 1,000 public and private entities in the United States and worldwide, with ransom payments worth more than $16 million.
The article continues:
?After attacks that resulted in a ransom payment, the affiliates paid Phobos administrators, including Ptitsyn, for the decryption keys. As the Justice Department said on Monday, each ransomware deployment had a unique alphanumeric string that linked it to the corresponding key, and the payments were directed to specific cryptocurrency wallets unique to each affiliate.
While i’m confused because it said May to some time last year, not 2021-2024 in another part of this article. The paragraph says:
“From December 2021 to April 2024, the decryption key fees were then transferred from the unique affiliate cryptocurrency wallet to a wallet controlled by Ptitsyn,” the Justice Department added.
The best part of the article?
Ptitsyn is charged in a 13-count indictment, including wire fraud, conspiracy to commit computer fraud, and extortion related to hacking. If convicted, he faces up to 20 years for each wire fraud count, 10 years for each hacking count, and five years for conspiracy charges.
This is significant prison time if convicted, and I hope that if true, this sends a message and a strong one.
To read the complete story, read US charges Phobos ransomware admin after South Korea extradition and make it a great day.