The Security Service of Ukraine (SSU) announced that it has apprehended five members of the Phoenix hacking group. The Phoenix hacking group specialized in remotely hacking mobile devices and gaining access to their victims' bank accounts or e-payment accounts. In some instances, they profited by selling information to third parties.
According to the SSU, their activities went on for at least two years. During this time, the Phoenix group targeted “several hundred” people.
The arrested individuals will face charges under Article 361 of Ukraine's Criminal Code. This pertains to "illegal interference in the work of electronic computers, systems, and computer networks." The SSU said that all five of the suspects live in Kyiv or Kharkiv and are graduates of higher technical education institutes.
Read on to learn more about how the Phoenix Group operated and for more information on the arrests.
Details of Phoenix Hacking Group's Operations
The SSU's announcement included details of how Phoenix carried out its attacks. In each attack, the group aimed to gain remote access to a targeted device. To do so, the actors used phishing sites that closely resembled Apple's and Samsung's login portals. They would then use the information obtained through these sites to hack into the victim's e-payment or bank accounts, or sell the stolen information to interested third parties.
The group also offered its services to third parties, charging $200 on average. Apart from hacking, Phoenix also engaged in unlocking stolen or lost Apple devices. These devices would then be sold in a "network of controlled stores in Kyiv and Kharkiv."
Ukraine Police conducted searches at each arrest location, where they seized the following materials:
- computer equipment
- mobile devices
- specialized software
- other hardware
The police said that they even found several stolen devices that were going to be re-sold as new in the Kyiv region.
High Profile Cyber Criminals Nabbed in Ukraine
The SSU said that it was working on identifying and prosecuting anyone else who may be involved with the Phoenix Group's illicit activities.
The arrests of the Phoenix group's members are the latest notch under Ukraine law enforcement's belt. Earlier this year, members of the CL0P ransomware gang were arrested by Ukraine police, as part of INTERPOL's Operation Cyclone. The group was responsible for moving over $500 million in ransomware-related activities.
Phishing scams are a real menace these days. They target a wide range of people and are spread through many platforms such as email, WhatsApp, or, as in Phoenix's operations, malicious websites. To learn more about how you can protect yourself from phishing scams, check out our resource here.