Latest news with #8Base
Asahi Shimbun
04-08-2025
- Asahi Shimbun
NPA develops tool to restore data encrypted by Phobos/ 8Base
A document file is encrypted by ransomware. (From a demonstration video provided by the National Police Agency) The National Police Agency announced it has developed specialized software to recover data encrypted by Phobos and 8Base ransomware attacks. The tool will allow users of PCs and other electronic devices to readily 'mend' their stored information, even if they have no relevant technical expertise. It means victims facing extortion will no longer have to worry about paying cash to cyber criminals. The anti-ransomware app is available on the NPA's website as well as the No More Ransom page operated by the European Union Agency for Law Enforcement Cooperation (Europol). 'We expect victims of cyberattacks to actively take advantage of the software,' an NPA official said on July 17. Approximately 2,000 cyberattacks linked to Phobos and 8Base have been confirmed around the world since 2018, with at least 22 countries affected. Around 90 companies and local governments in Japan across 29 prefectures are believed to have been affected by ransom threats since 2020. One especially notable cyberattack in October 2022 targeted the Osaka General Medical Center in Osaka, rendering electronic care records and medical fee calculations inaccessible. The data restoration software was developed after the NPA's national cyber department discovered a ransomware generator program on the dark web. This part of the internet is accessible exclusively through certain software. A range of illegal goods and information are traded on the dark web, as data transmission sources are difficult to trace. With assistance from the FBI, the NPA identified the necessary code for encryption recovery in May of this year. The Japan-U.S. collaboration led to completion of the new application, with a male technical officer in his 30s from the NPA's national cyber department playing a key role in the endeavor. Entering encrypted data into the app can effectively repair the files '100 percent.' The original data may appear within seconds, depending on the amount of inputted information. The NPA emphasized that the software's effectiveness was confirmed in tests by the FBI, among other parties. Currently, Tokyo is part of a joint international investigation into Phobos and 8Base. Five Russian men suspected of playing leading role in ransomware attacks have been arrested since 2024. In December 2023, the NPA's national cyber department created an anti-ransomware restoration tool to protect online users from a cybercriminal group known as LockBit. A spate of countries are now using the app, the NPA said.
Euronews
12-02-2025
- Euronews
Four Russian nationals behind 8Base ransomware arrested, says Europol
Four Russian nationals leading the 8Base ransomware group were arrested last week, Europol announced Tuesday. The individuals are suspected of deploying a variant of the ransomware known as Phobos to extort high-value payments from victims across Europe and beyond. 8Base is a relatively new ransomware operation that intensified its activities in the summer of 2023. The group has since claimed responsibility for high-profile attacks on the United Nations Development Programme and the Atlantic States Marine Fisheries Commission. Phobos ransomware was first detected in 2018. Unlike other high-profile ransomware groups that target large corporations, Phobos relies on high-volume attacks against small to medium-sized businesses that often lack the necessary cybersecurity defences to protect themselves. The Phobos model has allowed criminal actors — from individual affiliates to structured criminal groups such as 8Base — to customise their ransomware campaigns with minimal technical expertise. The leak site for the 8base ransomware was taken down by authorities on Monday, subsequently displaying a seizure banner. Europol stated that the complex international operation involved 14 coordinated law enforcement agencies. While some countries focused on the investigation into Phobos, others targeted 8Base. At the same time, 27 servers linked to the criminal network were taken down. This news follows a series of previous high-impact arrests which have targeted Phobos ransomware, with a key Phobos affiliate arrested in Italy on a French arrest warrant in 2023. As a result of this operation, law enforcement authorities were also able to warn more than 400 companies worldwide of ongoing or imminent ransomware attacks.
Yahoo
11-02-2025
- Yahoo
Four Russians arrested in Phobos ransomware crackdown, Europol says
PARIS (Reuters) - Four Russian nationals, who were suspected of deploying a variant of Phobos ransomware to extort payments from people in Europe and beyond, were arrested last week, the pan-European police agency Europol said on Tuesday. Coordinated action involving law enforcement agencies from 14 countries led to the arrest of the four individuals who led the 8Base ransomware group, and 27 servers linked to the criminal network were taken down, the Europol statement said. The crackdown follows a series of important arrests targeting Phobos ransomware. Those arrests allowed law enforcement to warn more than 400 companies worldwide of ongoing or imminent ransomware attacks. See for yourself — The Yodel is the go-to source for daily news, entertainment and feel-good stories. By signing up, you agree to our Terms and Privacy Policy. In June 2024, an administrator of Phobos was arrested in South Korea and extradited to the United States in November. He faces prosecution over ransomware attacks that encrypted critical infrastructure, business systems, and personal data for ransom. A key Phobos affiliate was arrested in Italy in 2023 on a French arrest warrant, further weakening the network behind this ransomware strain, Europol said. Phobos ransomware is often used against small to medium-sized businesses, which may lack cybersecurity defences.
Reuters
11-02-2025
- Business
- Reuters
Four Russians arrested in Phobos ransomware crackdown, Europol says
PARIS, Feb 11 (Reuters) - Four Russian nationals, who were suspected of deploying a variant of Phobos ransomware to extort payments from people in Europe and beyond, were arrested last week, the pan-European police agency Europol said on Tuesday. Coordinated action involving law enforcement agencies from 14 countries led to the arrest of the four individuals who led the 8Base ransomware group, and 27 servers linked to the criminal network were taken down, the Europol statement said. The crackdown follows a series of important arrests targeting Phobos ransomware. Those arrests allowed law enforcement to warn more than 400 companies worldwide of ongoing or imminent ransomware attacks. In June 2024, an administrator of Phobos was arrested in South Korea and extradited to the United States in November. He faces prosecution over ransomware attacks that encrypted critical infrastructure, business systems, and personal data for ransom. A key Phobos affiliate was arrested in Italy in 2023 on a French arrest warrant, further weakening the network behind this ransomware strain, Europol said. Phobos ransomware is often used against small to medium-sized businesses, which may lack cybersecurity defences.
