Five members of the worldwide ‘Phoenix’ hacking organization, which specializes in remote hacking of mobile devices, have been apprehended by the Security Service of Ukraine (SSU). According to the SSU, all five suspects reside in Kyiv or Kharkiv and are graduates of higher technical education colleges.
Phoenix’s purpose was to get remote access to mobile device users’ accounts and then commercialize them by stealing their e-payment or bank accounts or selling their data to third parties. The perpetrators exploited phishing sites that were clones of Apple’s and Samsung’s login gateways to obtain mobile device users’ credentials.
This action lasted at least two years, during which time Phoenix hacked into the accounts of several hundred people. The hackers allegedly charged between $100 and $200 for remote mobile phone hacking services. Finally, the gang was also involved with unlocking stolen or lost Apple devices related to the original purchaser by tying them to the device’s first account.
Each arrest site was subjected to five searches, with computer equipment, mobile phones, specialist software, and hardware being seized. Officers discovered many gadgets that looked stolen and were being prepped for resale as new in the Kyiv region while conducting searches of houses and bogus telephone businesses.
The malicious actors are now facing charges under Article 361 of Ukraine’s Criminal Code for interfering with the operation of electronic computers, systems, and computer networks. While the five people detained are most likely all members of the ‘Phoenix’ organization, the authorities will continue their investigation in the hopes of uncovering more conspirators.
Ukraine law enforcers have recently been active in fighting cybercrime in their country, with recent arrests of ransomware members, money launderers, and DDoS attackers.