Ukraine arrests ‘Phoenix’ hackers behind Apple phishing attacks


The Security Service of Ukraine (SSU) has arrested five members of the international ‘Phoenix’ hacking group who specialize in the remote hacking of mobile devices.

The SSU’s announcement states that all five suspects live in Kyiv or Kharkiv and are graduates of higher technical education institutes.

The goal of ‘Phoenix’ was to gain remote access to the accounts of mobile device users and then monetize them by hijacking their e-payment or bank accounts or selling their private information to third parties.

To steal the accounts of mobile device users, the actors used phishing sites that were clones of Apple’s and Samsung’s login portals.

This activity went on for at least two years, during which Phoenix hacked several hundred people’s accounts.

The hackers also offered remote mobile phone hacking services to others, charging between $100 and $200.

Messages between Phoenix and a client
Source: SSU

Finally, the group was also unlocking stolen or lost Apple devices, which are tied to the original purchaser by being locked to the first account created on the device.

The police have conducted five searches in each arrest location, seizing computer equipment, mobile phones, specialized software, and hardware.

Stolen devices prepared to be resold as new
Source: SSU

While conducting searches of homes and fake telephone shops, officers found several devices that appeared to have been stolen and were being prepared for reselling as new in the Kyiv region.

The threat actors now face charges relevant to Article 361 of the Criminal Code of Ukraine for illegal interference in the work of electronic computers, systems, and computer networks.

While the five arrested individuals are most likely all the ‘Phoenix’ group members, the authorities will continue the investigations to potentially identify more conspirators.

Ukraine has been actively cracking down on cybercrime activity originating from the country, with recent arrests of ransomware members, money launderers, and threat actors behind DDoS attacks.

The 107+ Best Early Cyber Monday Deals 2021: Apple, TVs, Vacuums & More – The New York Times



Mobile World Congress 2012 – Mobile Security Forum – Embrace is the right approach for BYOD



Ukraine arrests hackers behind Apple phishing schemes




AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

The Security Service of Ukraine (SSU) has arrested five individuals believed to be involved in the international “Phoenix” hacking group, which performed phishing attacks using cloned Apple support websites.

The SSU notes that the suspects lived in Kyiv or Kharkiv, and all five were graduates of higher technical education institutes. Police have since seized computer equipment, mobile phones, software, and hardware believed to have been used by the group.

Phoenix specialized in gaining remote control of mobile devices through phishing attacks. The group would direct users to phishing sites that were clones of official Apple and Samsung support sites.

According to BleepingComputer, the scheme went on for at least two years, with the hackers successfully gaining access to several hundred people’s accounts.

Phoenix also offered remote mobile phone hacking services to individuals, charging between $100 and $200.

Investigators also discovered that the hackers had been unlocking stolen or lost devices made by Apple. Once unlocked, the group would sell the devices to unwitting customers.

The SSU believes that the five arrested individuals comprise the entirety of Phoenix but plans to continue investigations to find any remaining conspirators.

Phoenix now faces charges relevant to Article 361 of the Criminal Code of Ukraine, which focuses on illegal interference in the work of electronic computers, systems, and computer networks.

In August, a hacker known for data breaches had allegedly gained access to gigabytes of AT&T customer information, including social security numbers. The hacker, known as “ShinyHunters,” had requested $1 million to take the data offline.

AT&T denied the information had come from their servers.

That same month, T-Mobile had become aware of a breach of its servers that had resulted in harvested data on over 100 million customers being sold on a hacker forum.
