Four Russian nationals were arrested in Phuket, Thailand, for alleged involvement in the 8Base ransomware group, which has extorted over $16 million from various victims. The group employed Phobos ransomware, mainly targeting small to medium-sized businesses that often lack adequate cybersecurity defenses. Europol noted that 8Base's Ransomware as a Service (RaaS) model allowed it to reach a wide range of criminal actors. In addition to the arrests, 27 servers linked to the criminal network were dismantled as part of an international law enforcement operation involving 14 countries.
Unlike high-profile ransomware groups that target major corporations, Phobos relies on high-volume attacks against small to medium-sized businesses, which often lack the cybersecurity defences to protect themselves.
Its Ransomware as a Service (RaaS) model has made it particularly accessible to a range of criminal actors, from individual affiliates to structured criminal groups such as 8Base.
8Base has been particularly aggressive in its use of double extortion techniques, which involve both encrypting victims' data and threatening to publish stolen information unless a ransom is paid.
The group has been the focus of action by international law enforcement for a while, with arrests and operations targeting key affiliates and administrators.
Collection
[
|
...
]