Phobos ransomware affiliate arrested in Poland

Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) detained a 47-year-old man suspected of creating, acquiring, and sharing computer programs used to unlawfully obtain information stored in computer systems. He faces a potential prison sentence of up to five years.

The arrest took place in the Małopolska Voivodeship as part of a joint operation conducted by CBZC officers from the Katowice and Kielce branches.

During a search of the suspect’s apartment, officers recovered a computer and mobile phones believed to have been used in carrying out the offenses.

Files found on the computer contained digital data, including login credentials, passwords, credit card numbers, and server IP addresses.

According to information provided by CBZC, “the 47-year-old used encrypted messaging to contact the Phobos criminal group, known for conducting ransomware attacks.”

The arrest was linked to CBZC’s participation in Operation Aether, coordinated by Europol. During the operation, law enforcement agencies reported progress against individuals connected to the Phobos ransomware network, including those operating at the RaaS level as well as affiliates responsible for intrusions and encryption.