A Russian man wanted for extradition by the United States over cyber-crime allegations has been arrested on the Thai vacation island of Phuket, local police have announced.
Denis Obrezko is allegedly a member of the notorious group Void Blizzard, Thai police said, a cyber espionage gang identified by Microsoft for hacking attacks that align with Kremlin interests.
The 35-year-old was arrested on November 6 in a joint operation between the FBI and Thai authorities, one week after entering the country on a flight to Phuket, according to Thailand’s Cyber Crime Investigation Bureau (CCIB).
“This individual had previously breached security systems and attacked government agencies in both Europe and the United States,” the CCIB stated Friday.
He will probably be held at the Criminal Court in Bangkok pending extradition to the US, it said.
Local police tracked Obrezko down at his hotel room, where they found digital devices including a notebook computer, mobile phone and digital wallet that were seized for forensic examination, officers said.
Microsoft Threat Intelligence (MTI) previously flagged Void Blizzard for targeting organizations that Russia opposes, noting its focus on the government, defense, transportation, media, NGO and healthcare sectors in the United States and Europe, including Ukraine.
“They often use stolen sign-in details that they likely buy from online marketplaces to gain access to organizations,” researchers stated in a press release. “Once inside, they steal large amounts of emails and files.”
Russian diplomat Ilya Ilyin, of the Russian embassy in Thailand, confirmed that a Russian citizen was detained on Phuket last week “on suspicion of committing cybercrimes,” and that the arrest was “allegedly at the official request of the United States,” according to the TASS news agency.
NCS has contacted the US Department of Justice for comment.
Void Blizzard is known for using basic techniques for initial access, including “password spraying,” where common passwords are systematically used across multiple usernames, and using stolen authentication details, MTI found.
“Despite the lack of sophistication in their initial access methods, Void Blizzard has been effective in gaining access to and collecting information from compromised organizations in critical sectors,” MTI added.
Void Blizzard frequently targets government and law enforcement entities, particularly in NATO countries and those offering military or humanitarian support to Ukraine, MTI said.
The group’s activities have affected various sectors in Ukraine including education, transportation and defense.