« Information Technology
  

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

By Jeff Wardon, Jr., Assistant Editor


Charges have been unsealed by the U.S. Justice Department against Evgenii Ptitsyn, a 42-year-old Russian national accused of using and distributing the Phobos ransomware, according to a press release. The ransomware has been used globally to target over 1,000 organizations, including healthcare, and has extorted more than $16 million. 

Prosecutors allege that from 2020 onward, Ptitsyn and cohorts sold Phobos ransomware via a site on the dark web, allowing affiliates to encrypt victims’ data and demand payment for decryption keys, according to the Justice Department. They also threatened to leak sensitive data if ransom payments weren’t made. Ptitsyn also allegedly oversaw payments through cryptocurrency wallets linked to these operations. He is being extradited from South Korea and faces 13 charges, including wire fraud, computer hacking and extortion. 

Related: Healthcare Facilities Alerted of 'Scattered Spider' Cyber Threat

A variant of the Phobos ransomware called “Backmydata” was used in a February 2024 cyberattack that took 100 Romanian healthcare facilities offline, according to The HIPAA Journal. Additionally, the group behind Phobos is known to utilize double extortion tactics, in which cybercriminals take systems offline and hold the data for ransom while also stealing data and threatening to leak it out. This can put pressure on healthcare organizations to pay out. 

Paying the ransom doesn’t guarantee the affected organizations will get their data back, though, according to the FBI. It also emboldens cybercriminals to continue their operations by targeting more potential victims. 

In addition, the FBI recommends these actions to stay safe from ransomware: 

  • Update operating systems, software and applications routinely. 
  • Ensure that antivirus and antimalware programs are set up to automatically update and run routine scans. 
  • Back up data regularly, and check to make sure they’re completed. 
  • Secure backups, and make sure they’re not connected to the devices or networks they’re backing up 
  • Create a response plan in case the organization becomes the victim of a ransomware attack. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



November 21, 2024


Topic Area: Information Technology , Security

Recent Posts

The Top Three Pathogens to Worry About in 2026

Key viruses to watch out for and how to prevent them.

Blackbird Health Opens New Pediatric Mental Health Clinic in Virginia

It offers comprehensive evaluations, therapy and medication management under one roof.

Baptist Medical Center Jacksonville to Get Inpatient Rehabilitation Unit

Baptist Center for Inpatient Rehabilitation, managed by Brooks Rehabilitation, is expected to see its first patients in spring 2027.

Building Envelopes Emerge As Key Facility Components

From enclosure commissioning and air-moisture control to decarbonization and thermal comfort, exterior systems affect energy efficiency and resilience.

Catholic Medical Center Breaks Ground on New Central Energy Plant

The new central energy plant is expected to be completed in early 2027.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.