25 November 2021

Hackers behind phishing attacks on Apple, Samsung users arrested in Ukraine


Hackers behind phishing attacks on Apple, Samsung users arrested in Ukraine

Ukrainian police have arrested five members of the international cybercrime group called ‘Phoenix’ specializing in the remote hacking of mobile devices and stealing users’ personal data.

According to the Security Service of Ukraine (SSU), all five suspects live in Kyiv or Kharkiv and have higher technical education degrees.

In order to gain access to accounts of mobile device users, the hackers set up phishing websites disguised as legitimate sites belonging to Apple, Samsung and other mobile phone brands. Upon obtaining access to the victim’s account the hackers copied all information stored on the device. The gang would use stolen data to steal funds from victims’ e-payment or bank accounts or sell users’ private information to third parties.

The hackers offered remote access to compromised accounts to others, charging $200. Another service the group provided was unblocking stolen or lost devices made by Apple.

The activity went for over two years during which the hackers compromised more than several hundred accounts.

During the searchers the police have seized computer equipment, mobile phones, specialized software and hardware.


Back to the list

Latest Posts

Cyber security week in review: August 5, 2022

Cyber security week in review: August 5, 2022

The cybersecurity world in brief: Two crypto platforms targeted in multimillion-dollar attacks, hackers exploited an Atlassian Confluence bug to install a never-before-seen backdoor, and more.
5 August 2022
Threat actors exploit Atlassian Confluence bug to install a never-before-seen backdoor

Threat actors exploit Atlassian Confluence bug to install a never-before-seen backdoor

Ljl Backdoor is a fully-featured malware designed to gather files and user accounts, as well as system information.
4 August 2022
Thousands of Solana wallets drained in yet another multimillion exploit

Thousands of Solana wallets drained in yet another multimillion exploit

More than 8,000 wallets have been affected in the hack.
3 August 2022