« Information Technology
  

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

By Jeff Wardon, Jr., Assistant Editor


Charges have been unsealed by the U.S. Justice Department against Evgenii Ptitsyn, a 42-year-old Russian national accused of using and distributing the Phobos ransomware, according to a press release. The ransomware has been used globally to target over 1,000 organizations, including healthcare, and has extorted more than $16 million. 

Prosecutors allege that from 2020 onward, Ptitsyn and cohorts sold Phobos ransomware via a site on the dark web, allowing affiliates to encrypt victims’ data and demand payment for decryption keys, according to the Justice Department. They also threatened to leak sensitive data if ransom payments weren’t made. Ptitsyn also allegedly oversaw payments through cryptocurrency wallets linked to these operations. He is being extradited from South Korea and faces 13 charges, including wire fraud, computer hacking and extortion. 

Related: Healthcare Facilities Alerted of 'Scattered Spider' Cyber Threat

A variant of the Phobos ransomware called “Backmydata” was used in a February 2024 cyberattack that took 100 Romanian healthcare facilities offline, according to The HIPAA Journal. Additionally, the group behind Phobos is known to utilize double extortion tactics, in which cybercriminals take systems offline and hold the data for ransom while also stealing data and threatening to leak it out. This can put pressure on healthcare organizations to pay out. 

Paying the ransom doesn’t guarantee the affected organizations will get their data back, though, according to the FBI. It also emboldens cybercriminals to continue their operations by targeting more potential victims. 

In addition, the FBI recommends these actions to stay safe from ransomware: 

  • Update operating systems, software and applications routinely. 
  • Ensure that antivirus and antimalware programs are set up to automatically update and run routine scans. 
  • Back up data regularly, and check to make sure they’re completed. 
  • Secure backups, and make sure they’re not connected to the devices or networks they’re backing up 
  • Create a response plan in case the organization becomes the victim of a ransomware attack. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



November 21, 2024


Topic Area: Information Technology , Security

Recent Posts

Social Media Driving Rise in Trade Jobs

Social media is the second largest career influencer for Gen Zers.

North Carolina Children's Receives $25M Gift from Coca-Cola Consolidated

The gift is the first step towards the goal of raising more than $1 billion for the new NC Children’s campus in Apex.

Swinerton Breaks Ground on $5.5M Medical Office Building in North Carolina

The 8,000-square-foot facility will be home to Charlotte-based Metrolina Dermatology.

Rethinking Strategies for Construction Success

Encouraging project team stakeholders to communicate, collaborate, care and align around a common goal.

From Touchless to Total Performance: Healthcare Restroom Design Redefined

Facility managers are raising the bar on hygiene, durability and system performance by turning restrooms into frontline assets for infection prevention and patient confidence.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.