Members of Phoenix Hacking Group Arrested in Ukraine


The Security Service of Ukraine (SSU) announced that it has apprehended five members of the Phoenix hacking group. The Phoenix hacking group specialized in remotely hacking mobile devices and gaining access to their victims’ bank accounts or e-payment accounts. In some instances, they profited by selling information to third parties.

According to the SSU, their activities went on for at least two years. During this time, the Phoenix group targeted “several hundred” people.

The arrested individuals will face charges under Article 361 of Ukraine’s Criminal Code. This pertains to “illegal interference in the work of electronic computers, systems, and computer networks.” The SSU said that all five of the suspects live in Kyiv or Kharkiv and are graduates from higher technical education institutes.

Read on to learn more about how the Phoenix Group operated and for more information on the arrests.

Details of Phoenix Hacking Group’s Operations

The SSU’s announcement included details of how Phoenix carried out its attacks. In each attack, the group would aim to gain remote access to a targeted device. To do so, the actors used phishing sites that closely resembled Apple’s and Samsung’s login portals. They would then use the information obtained there to hack into the victim’s e-payment or bank accounts, or sell the stolen information to interested third parties.

The group also offered its services to third parties, charging $200 on average. Apart from hacking, Phoenix also engaged in unlocking stolen or lost Apple devices. These devices would then be sold in a “network of controlled stores in Kyiv and Kharkiv.”

Ukraine Police conducted searches at each arrest location, where they seized the following materials:

  • computer equipment
  • mobile devices
  • specialized software
  • other hardware

The police said that they even found several stolen devices that were going to be re-sold as new in the Kyiv region.

High Profile Cyber Criminals Nabbed in Ukraine

The SSU said that it was working on identifying and prosecuting anyone else who may be involved with the Phoenix Group’s illicit activities.

The arrests of the Phoenix group’s members are the latest notch under Ukraine law enforcement’s belt. Earlier this year, members of the CL0P ransomware gang were arrested by Ukraine police as part of INTERPOL’s Operation Cyclone. The group was responsible for moving over $500 million in ransomware-related activities.

Phishing scams are a real menace these days. They target a wide range of people and are spread through many platforms such as email, WhatsApp, or, as in Phoenix’s operations, malicious websites. To learn more about how you can protect yourself from phishing scams, check out our resource here.

Technology policy researcher
Prateek is a technology policy researcher with a background in law. His areas of interest include data protection, privacy, digital currencies, and digital literacy. Outside of his research interests, Prateek is an avid reader and is engaged in projects on sustainable farming practices in India.