25 November 2021

Hackers behind phishing attacks on Apple, Samsung users arrested in Ukraine



Ukrainian police have arrested five members of the international cybercrime group called ‘Phoenix’ specializing in the remote hacking of mobile devices and stealing users’ personal data.

According to the Security Service of Ukraine (SSU), all five suspects live in Kyiv or Kharkiv and have higher technical education degrees.

In order to gain access to accounts of mobile device users, the hackers set up phishing websites disguised as legitimate sites belonging to Apple, Samsung and other mobile phone brands. Upon obtaining access to the victim’s account the hackers copied all information stored on the device. The gang would use stolen data to steal funds from victims’ e-payment or bank accounts or sell users’ private information to third parties.

The hackers offered remote access to compromised accounts to others, charging $200. Another service the group provided was unblocking stolen or lost devices made by Apple.

The activity went on for over two years, during which the hackers compromised more than several hundred accounts.

During the searches, the police seized computer equipment, mobile phones, specialized software and hardware.

