Russian hacker extradited to US over Phobos ransomware crimes


A Russian national has been extradited from South Korea to the US to appear in court after his alleged involvement in international hacking and extortion schemes that victimized thousands.

Evgenii Ptitsyn, 42, made his first appearance in court after being accused of selling, distributing, and operating Phobos ransomware, which was used to extort victims out of upwards of $16 million.

Ptitsyn, alongside others, allegedly developed Phobos ransomware and offered other cybercriminals (known as affiliates) access to it. This type of malware encrypts victims' files and sensitive data and is later used to extort the victims.

Administrators like Ptitsyn ran a site on the dark web that helped them sell and distribute this ransomware. Having obtained the ransomware, ‘affiliates’ would then hack into victims' computer systems, often using stolen credentials, to copy and steal sensitive data.

These cybercriminals then encrypted the original versions of the documents using Phobos ransomware. Once the files were encrypted, affiliates demanded ransom payments in exchange for decryption keys – as is typical of any ransomware scheme.

According to the Department of Justice, if the ransomware scheme went as planned, cybercriminals would pay Phobos administrators for decryption keys. These payments were then sent to specific cryptocurrency wallets.

The cryptocurrency was then transferred from these specific wallets into a wallet that Ptitsyn had control of.

The alleged Phobos administrator, who went by the monikers “derxan” and “zimmermanx,” has been accused of 13 separate crimes ranging from wire fraud to intentional damage to a protected computer. If found guilty of all these crimes, Ptitsyn could spend the rest of his life behind bars.