FlagThis - #arrest

A global police operation involving agencies from Europe, Japan, the U.S., and the U.K. has successfully seized the dark web leak site of the 8Base ransomware gang. The takedown message displayed on the site was confirmed as legitimate by Lucy Sneddon, a spokesperson for the U.K.’s National Crime Agency. While the U.K. played a supportive role, other involved agencies have not yet commented. Security researchers first noticed the seizure notice earlier this week.

This operation is part of a larger effort targeting ransomware gangs. In a related development, authorities have arrested four suspected Phobos ransomware hackers in Phuket, Thailand. These individuals are accused of conducting cyberattacks on over 1,000 victims worldwide and extorting $16,000,000 worth of Bitcoin. The operation, codenamed "Phobos Aetor," involved raids across multiple locations.


References :

• CyberInsider: Phobos Ransomware Gang Dismantled in International Sting
• BleepingComputer: Police arrests 4 Phobos ransomware suspects, seizes 8Base sites
• BleepingComputer: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base's dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide.
• bsky.app: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base's dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide.
• Carly Page: Mastodon post confirming the takedown of 8Base's leak site.
• techcrunch.com: TechCrunch reports on the global police operation seizing the 8base ransomware gang leak site.
• www.bleepingcomputer.com: BleepingComputer's report on the takedown of 8Base's dark web sites.
• DataBreaches.Net: Reports on police arresting 4 Phobos ransomware suspects and seizing 8Base sites.
• Threats | CyberScoop: cyberscoop article on 8base
• cyberscoop.com: Thai authorities detain four Europeans in ransomware crackdown
• Anonymous ???????? :af:: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites.
• The Register - Security: The Register: All your 8Base are belong to us: Ransomware crew busted in global sting
• securityaffairs.com: Report on the 8Base ransomware takedown highlighting the international collaboration.
• The Hacker News: The Hacker News: 8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation
• www.helpnetsecurity.com: The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they targeted with the Phobos ransomware.
• BleepingComputer: Police arrests 2 Phobos ransomware suspects, seizes 8Base sites - BleepingComputer
• socradar.io: International Operation Targets 8Base and Phobos Ransomware Gangs In a coordinated global effort, law enforcement agencies have successfully dismantled the dark web infrastructure of the 8Base ransomware gang and arrested four individuals linked to the Phobos ransomware.
• Help Net Security: 8Base ransomware group leaders arrested, leak site seized
• PCMag UK security: An international operation has dealt a major blow to a cybergang known as 8Base, which used the Phobos to infect hundreds of companies and organizations.
• techcrunch.com: Authorities arrest four suspected 8base ransomware operators in global takedown
• www.europol.europa.eu: Report on the global law enforcement operation that led to the arrests.
• Security Boulevard: Authorities Seize 8Base Ransomware Infrastructure, Arrest Four Russians
• securityboulevard.com: With "Operation Phobos Aetor," international law enforcement, including the US DOJ and Europol, arrest four Russian nationals and seize infrastructure connected to the 8Bbase ransomware group, the largest affiliate of the prolific Phobos RaaS operation.
• securityaffairs.com: Global law enforcement operation targeting the 8Base ransomware gang and related criminal activity.
• Carly Page: A global law enforcement operation has led to the arrest of four individuals who authorities accuse of being key figures in the 8base ransomware operation. The four suspects are accused of amassing $16 million through ransomware attacks against more than 1,000 organizations globally
• www.csoonline.com: Law enforcement agencies from 14 countries collaborated in an investigation against the related Phobos and 8Base ransomware operations, arresting four suspects and seizing 27 servers, including the data leak and ransom negotiation websites.

Classification:

• HashTags: #8Base #Ransomware #LawEnforcement
• Target: 8Base Ransomware Gang
• Attacker: 8Base Ransomware Gang
• Malware: 8Base Ransomware
• Type: Ransomware
• Severity: Major

Spanish authorities have arrested a hacker in Alicante for allegedly conducting over 40 cyberattacks targeting critical public and private organizations, including NATO, the US Army, and various Spanish entities such as the Guardia Civil and the Ministry of Defense. The investigation began in early 2024 after a data leak was reported from a Madrid business association, revealing that the hacker was boasting about stolen information on an underground criminal forum, even defacing the victim's website.

The suspect, known online as "Natohub" among other pseudonyms, is accused of illegally accessing computer systems, disclosing secrets, damaging computers, and money laundering. Police seized multiple computers, electronic devices, and over 50 cryptocurrency accounts containing various digital assets. Although the suspect's name hasn't been released by police, local news reports identify him as an 18-year-old man.


References :

• BleepingComputer: The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities.
• securityaffairs.com: Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US.
• BleepingComputer: The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities.
• Help Net Security: Suspected NATO, UN, US Army hacker arrested in Spain
• SecurityWeek: Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.
• : The Spanish National Police and the Civil Guard announced the arrest (and release) of a hacker responsible for the cyberattacks against various Spanish government organizations, NATO and U.S. Army databases, and other international companies and entities.
• www.scworld.com: Suspected hacker arrested for attacks on NATO, US Army
• CyberInsider: Police Arrest Hacker Behind Attacks on U.S. and NATO Systems
• cyberinsider.com: Police Arrest Hacker Behind Attacks on U.S. and NATO Systems
• www.bleepingcomputer.com: Spanish National Police : (Spanish language) The Spanish National Police and the Civil Guard announced the arrest (and release) of a hacker responsible for the cyberattacks against various Spanish government organizations, NATO and U.S. Army databases, and other international companies and entities. Police seized multiple computers, electronic devices, and 50 cryptocurrency accounts containing various digital assets. Although no identity was released, linked the victim organizations to high profile attacks by the hacker using the alias "natohub".
• www.helpnetsecurity.com: Suspected NATO, UN, US Army hacker arrested in Spain
• www.securityweek.com: SecurityWeek provides details on the hacker's arrest and the organizations targeted.
• BleepingComputer: The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities.
• bsky.app: The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities. https://www.bleepingcomputer.com/news/legal/spain-arrests-suspected-hacker-of-us-and-spanish-military-agencies/
• Cybernews: An undisclosed hacker has been accused of over 40 cyberattacks on strategic organizations, including government, universities, NATO, and the US Army.
• www.policia.es: Spanish National Police : (Spanish language) The Spanish National Police and the Civil Guard announced the arrest (and release) of a hacker responsible for the cyberattacks against various Spanish government organizations, NATO and U.S. Army databases, and other international companies and entities.
• Techmeme: Spanish police arrest a hacker for allegedly conducting 40 cyberattacks on critical public and private organizations, seizing 50 crypto accounts, PCs, and more
• BleepingComputer: The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities.
• www.techmeme.com: Spanish police arrest a hacker for allegedly conducting 40 cyberattacks on critical public and private organizations, seizing 50 crypto accounts, PCs, and more
• ciso2ciso.com: Police arrest teenager suspected of hacking NATO and numerous Spanish institutions
• gbhackers.com: Authorities Arrested Hacker Who Compromised 40+ Organizations
• www.helpnetsecurity.com: The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation Organization and NATO), Spanish universities and companies, and released stolen data on the dark web.

Classification:

• HashTags: #Cybercrime #Hacking #Arrest
• Company: NATO, US Army
• Target: NATO, US Army
• Attacker: Spanish Hacker
• Feature: Data Theft
• Type: Hack
• Severity: High

A global law enforcement operation has successfully disrupted the 8Base ransomware group, leading to the arrest of four individuals accused of being key figures in the operation. The suspects were apprehended in Phuket, Thailand, and are alleged to have amassed $16 million through ransomware attacks targeting over 1,000 organizations worldwide. Authorities have also seized the dark web infrastructure utilized by the group.

This coordinated effort resulted in the dismantling of 8Base's dark web data leak and negotiation sites, effectively crippling their ability to further extort victims. The operation, codenamed "Phobos Aetor", involved coordinated raids across multiple locations, resulting in the seizure of laptops, smartphones, and cryptocurrency wallets.


References :

• BleepingComputer: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base's dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide.
• Carly Page: A global law enforcement operation has led to the arrest of four individuals who authorities accuse of being key figures in the 8base ransomware operation. The four suspects are accused of amassing $16 million through ransomware attacks against more than 1,000 organizations globally
• securityaffairs.com: Operation Phobos Aetor: Police dismantled 8Base ransomware gang
• BleepingComputer: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base's dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. [...]
• cyberscoop.com: Thai authorities detain four Europeans in ransomware crackdown
• The Register - Security: All your 8Base are belong to us: Ransomware crew busted in global sting
• socradar.io: International Operation Targets 8Base and Phobos Ransomware Gangs
• securityboulevard.com: Authorities Seize 8Base Ransomware Infrastructure, Arrest Four Russians
• techcrunch.com: Authorities arrest four suspects in global 8base ransomware takedown

Classification:

• HashTags: #8Base #Ransomware #Cybercrime
• Target: Over 1,000 organizations globally
• Attacker: 8Base
• Type: Hack
• Severity: Major