Thai authorities arrested 4 European hackers in Phuket on February 10, 2025, for his or her alleged involvement in ransomware operations that inflicted world losses exceeding $16 million.
The arrests, a part of the multinational “Operation PHOBOS AETOR,” have been executed in collaboration with Swiss and U.S. regulation enforcement businesses.
The suspects, two males, and two ladies have been apprehended throughout coordinated raids at 4 areas: Mono Soi Palai, Supalai Palm Spring, Supalai Vista Phuket, and Phyll Phuket x Phuketique Phyll. Police confiscated over 40 digital units, together with cell phones, laptops, and cryptocurrency wallets, which have been allegedly utilized in felony actions.
Operation PHOBOS AETOR
Ransomware Operation on a International Scale
As per a report by Khao Sod English report, the operation focused a global cybercrime group liable for deploying the Phobos ransomware.
Between April 2023 and October 2024, the group reportedly attacked 17 firms in Switzerland, in addition to quite a few different organizations worldwide.
Utilizing subtle cyber methods, the hackers gained unauthorized entry to networks, and encrypted information, and demanded substantial cryptocurrency ransoms for decryption keys.
Victims who refused to pay have been threatened with public publicity of delicate information.
Moreover, the hackers employed cryptocurrency mixing providers to obscure their transactions and evade detection, making their digital path almost untraceable.
The operation affected over 1,000 victims globally, with damages estimated at $16 million (roughly 560 million baht).
This high-profile arrest highlights the significance of worldwide cooperation in combating cybercrime.
Performing on an pressing request from Swiss and U.S. authorities, Thai officers from the Cyber Crime Investigation Bureau (CCIB), led by Police Lieutenant Common Trairong Phiwphan, executed the raids alongside Immigration Police and Area 8 Police.
The suspects needed on Interpol warrants, have been discovered to be a part of a transnational felony group.
The suspects face fees of Conspiracy to Commit an Offense In opposition to the USA and Conspiracy to Commit Wire Fraud.
Whereas their identities stay undisclosed, proof collected in the course of the arrests is predicted to be crucial in advancing investigations.
Ransomware assaults have change into a major world risk, focusing on companies, establishments, and people alike.
The takedown of this operation underscores the rising want for regulation enforcement businesses worldwide to collaborate in addressing the rising sophistication of cybercriminals.
Are you from SOC/DFIR Group? - Be part of 500,000+ Researchers to Analyze Cyber Threats with ANY.RUN Sandbox - Attempt for Free