25 November 2021

Hackers behind phishing attacks on Apple, Samsung users arrested in Ukraine


Hackers behind phishing attacks on Apple, Samsung users arrested in Ukraine

Ukrainian police have arrested five members of the international cybercrime group called ‘Phoenix’ specializing in the remote hacking of mobile devices and stealing users’ personal data.

According to the Security Service of Ukraine (SSU), all five suspects live in Kyiv or Kharkiv and have higher technical education degrees.

In order to gain access to accounts of mobile device users, the hackers set up phishing websites disguised as legitimate sites belonging to Apple, Samsung and other mobile phone brands. Upon obtaining access to the victim’s account the hackers copied all information stored on the device. The gang would use stolen data to steal funds from victims’ e-payment or bank accounts or sell users’ private information to third parties.

The hackers offered remote access to compromised accounts to others, charging $200. Another service the group provided was unblocking stolen or lost devices made by Apple.

The activity went for over two years during which the hackers compromised more than several hundred accounts.

During the searchers the police have seized computer equipment, mobile phones, specialized software and hardware.


Back to the list

Latest Posts

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Dropped countries include such countries as Morocco, Mexico, Saudi Arabia, or the UAE.
26 November 2021
CronRAT: New Linux malware that hides behind February 31 to stay undetected

CronRAT: New Linux malware that hides behind February 31 to stay undetected

The malware hides in the Linux calendar system and enables server-side Magecart data theft which bypasses browser-based security solutions.
26 November 2021
New malware campaign targets crypto, NFT and DeFi communities via Discord

New malware campaign targets crypto, NFT and DeFi communities via Discord

The Babadeda crypter is able to bypass signature-based antivirus solutions and was previously observed in malicious campaigns distributing RATs, and LockBit ransomware.
26 November 2021