top of page
Search

Phobos Ransomware Operator Pleads Guilty, Faces Lengthy Prison Sentence

  • Mar 5
  • 2 min read

Key Findings:


  • Evgenii Ptitsyn, a 43-year-old Russian national, pleaded guilty to wire fraud conspiracy for his role in the Phobos ransomware operation.

  • Ptitsyn was a high-level administrator of the Phobos ransomware-as-a-service (RaaS) operation.

  • The Phobos ransomware operation targeted over 1,000 public and private entities worldwide, extorting more than $16 million in ransom payments.

  • Ptitsyn and his co-conspirators used a RaaS model to distribute Phobos ransomware to a network of affiliates, who paid fees for decryption keys.

  • Ptitsyn controlled multiple cryptocurrency wallets that received thousands of decryption key fees from Phobos affiliates.

  • Ptitsyn faces a maximum penalty of 20 years in prison for the wire fraud conspiracy charge. Sentencing is set for July 15.


Background


Evgenii Ptitsyn, a 43-year-old Russian national, pleaded guilty in the U.S. for his role in the Phobos ransomware operation. Ptitsyn was a high-level administrator of the Phobos ransomware-as-a-service (RaaS) platform, which was used by a network of affiliates to attack victims globally.


Phobos Ransomware Operation


  • The Phobos ransomware operation targeted over 1,000 public and private entities in the United States and worldwide, extorting more than $16 million in ransom payments.

  • Ptitsyn and his co-conspirators used a RaaS model to distribute the Phobos ransomware to affiliates, who paid fees to the administrators for decryption keys.

  • Affiliates would deploy the Phobos ransomware, encrypt victims' data, and demand ransom payments, with a portion of the proceeds going to Ptitsyn and other Phobos administrators.

  • Ptitsyn controlled multiple cryptocurrency wallets that received thousands of decryption key fees from the Phobos affiliates, as well as a share of the ransom payments.


Legal Consequences


  • Ptitsyn pleaded guilty to wire fraud conspiracy, facing a maximum penalty of 20 years in prison.

  • He has agreed to forfeit $1.77 million in assets and pay at least $39.3 million in restitution to his victims.

  • Ptitsyn's sentencing is scheduled for July 15, 2026.


The Phobos ransomware operation was a large-scale, international cybercrime scheme that caused significant financial and operational damage to its victims. Ptitsyn's guilty plea and impending sentence reflect the ongoing efforts of law enforcement to disrupt and dismantle such ransomware operations.


Sources


  • https://securityaffairs.com/188984/security/phobos-ransomware-admin-faces-up-to-20-years-after-guilty-plea.html

  • https://cyberscoop.com/phobos-ransomware-leader-guilty/

  • https://www.justice.gov/usao-md/pr/russian-ransomware-administrator-pleads-guilty-wire-fraud-conspiracy

  • https://bulletproofservers.hk/blog/phobos-ransomware-mastermind-evgenii-ptitsyn-pleads-guilty-to-u-s-fraud-charges/

Recent Posts

See All

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page