OFFICERS from Poland’s Central Bureau for Combating Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities reported evidence of illegal activities on his seized devices, including files containing logins, passwords, credit card numbers, and server IP addresses that could be used to breach electronic systems and launch ransomware attacks.
The arrest occurred in a joint operation by cybercrime units in Katowice and Kielce, with the suspect detained in the Małopolska region and charged with creating, acquiring and distributing tools for unlawfully accessing computer systems. The case notes that he used encrypted messaging to contact the Phobos criminal group, described by authorities as involved in ransomware attacks.
The investigation, part of Operation Aether coordinated by Europol, centres on Phobos operators, affiliates and infrastructure worldwide, with Phobos operating as a ransomware-as-a-service model and having targeted more than 1,000 victims globally. The man faces up to five years in prison, according to the press release from CBZC.