Thai Police Arrest Russian Hackers

Thai police have arrested four Russian hackers living in Phuket City. They allegedly stole $16 million through ransomware attacks which affected over 1,000 victims worldwide. The suspects, wanted by Swiss and US authorities, were caught in coordinated raids across four locations.

The criminals, two men and two women, allegedly used the Phobos malware to encrypt information on victims' networks, blocking the companies from accessing their data unless a ransom was paid and a decryption key was provided by the gang.

Phobos is a type of ransomware that exploits incorrectly configured Remote Desktop Protocol (RDP) services, which millions of people use to connect remotely to their business networks.

Officers from the Cyber Crime Investigation Bureau, led by Police Lieutenant General Trairong Phiwphan, conducted “Operation PHOBOS AETOR” in Phuket on February 10, arresting four foreign hackers involved in ransomware attacks. Working in co-ordination with Immigration Police and Region 8 Police, officers raided four locations across Phuket. Police seized over 40 pieces of evidence, including mobile phones, laptops, and digital wallets.

The suspects face charges of Conspiracy to Commit an Offence Against the United States and Conspiracy to Commit Wire Fraud.

The arrests originated from an urgent international cooperation request from Swiss authorities and the United States, involving Interpol warrants for the European suspects, who had entered Thailand as part of a transnational criminal organisation.

The group deployed Phobos ransomware against 17 Swiss companies between April 30, 2023, and October 26, 2024. Their operation involved unauthorised access to victims’ networks, data theft, and encryption of files.

The hackers demanded crypto-currency payments for decryption keys and threatened to publish stolen data if ransoms weren’t paid. They also used crypto-currency mixing services to obscure transaction trails.

While the suspects are in custody and evidence has been seized, their identities remain undisclosed as investigations continue.
