Poland arrests suspect linked to Phobos ransomware operation

https://www.bleepingcomputer.com/news/security/poland-arrests-suspect-linked-to-phobos-ransomware-operation/

Publish Date: 2026-02-17 06:31:00

Source Domain: www.bleepingcomputer.com

Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware group and seized computers and mobile phones containing stolen credentials, credit card numbers, and server access data.

Officers from Poland’s Central Bureau of Cybercrime Control (CBZC) arrested the suspect in the Małopolska region in a joint operation involving units from Katowice and Kielce. The action is part of “Operation Aether,” a broader international effort coordinated by Europol and targeting Phobos ransomware infrastructure and affiliates.

During a search of the suspect’s residence, investigators supervised by the District Prosecutor’s Office in Gliwice found files on his devices containing credentials, passwords, credit card numbers, and server IP addresses that could be used to gain unauthorized access to computer systems and facilitate ransomware attacks.

Police officers have also determined that the suspect had used encrypted messaging applications to communicate with the Phobos cybercrime organization.

“This data could be used to carry out various attacks, including, among others, ransomware. After performing technical actions, it turned out that there was data on them that could be used to break electronic security,” the CBZC said on Tuesday. “In addition, according to information collected about the 47-year-old, using encrypted messengers, he contacted the Phobos crime group known for its ransomware attacks.”

The suspect now faces charges under Article 269b of Poland’s Criminal Code for producing, acquiring, and distributing computer programs designed to unlawfully obtain information stored in IT systems (hacking tools), and faces a maximum prison sentence of five years if found guilty.

Operation Aether targeting Phobos

Phobos is a long-running ransomware-as-a-service (RaaS) operation (derived from the Crysis ransomware family) that, despite receiving less media attention than other ransomware groups, has been responsible for…
