The Security Service of Ukraine (SBU) has made five arrests in an investigation targeting the international hacking group known as Phoenix, allegedly specialized in hacking and selling stolen mobile phones.
According to the investigation, the five are residents of Kyiv and Kharkiv and all have “higher technical education.” They used social engineering tactics like phishing and website spoofing to steal victims’ passwords and defraud them or sell their data.
According to a machine-translated version of the SBU’s press release:
To gain access to the accounts of mobile device users, hackers used “phishing” resources – copies of sites of well-known manufacturers of mobile devices “Apple”, “Samsung” and others.
The user of the mobile device, downloading the application or application on such a “pseudo-official” site, provided the attackers with a password to their account. The attackers then copied the information stored on the hacked phone.
The data obtained in this way allowed the attackers to withdraw funds from citizens’ accounts and sell information about their private lives to third parties.
Victims lost $200 on average from the hacks, according to the SBU.
Phoenix was also engaged in hardware hacks, unlocking lost or stolen iPhones and reselling them through “a network of controlled stores” in Kyiv and Kharkiv.
Phoenix’s business, conducted under the guise of phone repair shops, reportedly ran for more than two years and claimed hundreds of victims.
Ukrainian Police seized “computer equipment and mobile phones with evidence of criminal activity, software and hardware for unauthorized interference with accounts, [and] stolen mobile phones, which were being prepared for sale under the guise of new ones.”
With these five arrests, the SBU believes it has apprehended all of the Phoenix gang members. For good measure, investigations continue to “identify and prosecute all persons involved in illegal activities,” just in case others can be linked to Phoenix.