Law enforcement in Phuket has apprehended four hackers implicated in ransomware attacks targeting Swiss companies and stealing significant amounts of cryptocurrency.
The suspects, identified as Russian nationals, are accused of deploying ransomware on the networks of 17 Swiss firms between April 2023 and October 2024, marking a serious escalation in cybercrime.
Ransomware attacks of this nature involve cybercriminals encrypting a victim’s data and demanding payment—typically in cryptocurrency—to restore access. In this instance, the hackers reportedly utilized Phobos malware to carry out their operations.
The individuals are believed to be affiliated with the Russian ransomware group 8Base and are also linked to the theft of approximately $16 million in Bitcoin from around 1,000 victims globally.
According to a spokesperson from the Cyber Crime Investigation Bureau, the suspects were being sought by both U.S. and Swiss authorities. Thai police, in collaboration with immigration officials, successfully located them in Phuket and confiscated over 40 items of evidence, including laptops, smartphones, and digital wallets. Switzerland has requested their extradition to face legal proceedings.
In recent months, Phuket has emerged as a hotspot for cryptocurrency-related crimes.
Last month, a Russian individual was attacked and robbed of $20,000 in a Karon hotel, an incident deemed crypto-related that escalated into violence. Reports indicate the victim was confronted by two Russian associates regarding an unresolved cryptocurrency debt from business dealings in Russia.
In another incident in November 2024, a Ukrainian national in Phuket was coerced into transferring $250,000 worth of Tether while visiting friends. Reports suggest the victim was restrained and forced to complete the transaction before the assailants fled the scene.
