THE AMERICA ONE NEWS
Jun 2, 2025  |  
0
 | Remer,MN
Sponsor:  QWIKET 
Sponsor:  QWIKET 
Sponsor:  QWIKET: Elevate your fantasy game! Interactive Sports Knowledge.
Sponsor:  QWIKET: Elevate your fantasy game! Interactive Sports Knowledge and Reasoning Support for Fantasy Sports and Betting Enthusiasts.
back  
topic
Le Monde
Le Monde
10 Nov 2023


Images Le Monde.fr

Three years since the start of a series of ransomware attacks, police operations have increased manifold. Ransomware is the name for any malicious tool used by hackers to paralyze computer networks and demand a ransom for their release. This time, France has managed to nab two suspects whose profiles are highly sought-after. A Russian couple living in Saint Petersburg were arrested at Milan airport this summer. The arrest was in connection with a European arrest warrant issued by the French authorities, Le Monde has learned from corroborating sources.

The two suspects, a man and a woman in their 30s, are suspected of working on behalf of the Phobos ransomware group. They were brought before an investigating magistrate in Paris and indicted on October 27 on charges of fraudulent access, maintenance, obstruction and modification of an automated data processing system, extortion and aggravated money laundering as part of an organized group, and criminal conspiracy. Both have been placed in pre-trial detention.

They are suspected of being so-called "affiliates" of the Phobos group, i.e. hackers recruited in certain chatrooms or forums, who rent the ransomware, penetrate their victims’ networks themselves and then share the ransom with the virus' developers. While it is always difficult to trace the perpetrators of this type of operation, in this case, investigators from the cybercrime unit of the Police Prefecture (BL2C) were first able, over the course of the year, to link several attacks committed on French territory to two actors with very similar methods. Then, thanks to cooperation with other international investigation services, they were able to identify these two people and issue a European arrest warrant.

Analysis of cryptocurrency flows has linked the pair to at least 150 ransomware payments worldwide, including a dozen actions against French entities since 2020. Their victims in France include local government authorities and businesses. Analysis of the electronic material seized will reveal whether they were also working on behalf of other organizations.

The Phobos group, named after the moniker given to its ransomware by IT security researchers, tends to fly under the radar. Unlike the big names in the cybercrime sector, who today tend to target large entities as a priority, its virus has generally been used to target small businesses, and the ransom amounts demanded are smaller, generally several thousand or tens of thousands of euros, according to our information.

You have 40% of this article left to read. The rest is for subscribers only.