Europol Reports Arrest of Four Russians in Phobos Ransomware Crackdown

In Paris on February 11, Europol announced the arrest of four Russian nationals suspected of deploying a Phobos ransomware variant to extort payments globally. The pan-European police agency, in cooperation with law enforcement agencies from 14 countries, captured the individuals behind the 8Base ransomware group and dismantled 27 servers tied to the criminal network.

This operation follows a series of significant arrests aimed at combatting Phobos ransomware. These actions enabled law enforcement to notify over 400 companies worldwide about potential ransomware threats.

In June 2024, an administrator of Phobos was apprehended in South Korea and later extradited to the United States for prosecution related to ransomware attacks affecting critical infrastructure, business systems, and personal data.

Furthermore, in 2023, a crucial Phobos affiliate was arrested in Italy based on a French warrant, further disrupting the network responsible for this ransomware strain, according to Europol.

Phobos ransomware is commonly utilized against small to medium-sized businesses that may have limited cybersecurity defenses.