Police raids illegal stolen iPhone and Android unlocking laboratory. 5 hackers arrested

A security report claims that Ukrainian police managed to dismantle a dangerous mobile hacking group that mainly targeted Apple and Samsung users. In total, the Security Service of Ukraine arrested five individuals related to Phoenix, the nickname by which this group was known.

About Phoenix’s mode of operation, it appears that hackers attracted potential victims to phishing websites, from where users could download a malicious APK that allowed threat actors to access compromised devices remotely. Once the device was infected, transfers were made for minimal amounts, in addition to data collection tasks.

This group also made a profit by unlocking stolen iPhone devices sold through unofficial stores and in the informal market. Ukrainian police estimate that Phoenix was active for at least two years, during which time they accumulated hundreds of victims.

Authorities also raided five different homes, including an alleged tech store that actually covered up an operations center, where hundreds of devices, including laptops with complex mobile hacking tools, were seized.

A remarkable fact about this operation is that the five arrested individuals are graduates of higher technical institutes, which shows the lack of opportunities for computer science graduates in a region, which has become a problem if we remember that Ukraine is one of the main points of operation of various Russian hacking groups.

Cybersecurity specialists believe that, for these young people, it is more likely to find income in one of these hacking groups than in some private company or government entity, so the emergence of groups like Phoenix is only part of the problem.

The Security Service of Ukraine has been in charge of some similar operations recently. A month ago, authorities arrested an individual accused of running a botnet with at least 100,000 infected devices, used by hackers to launch powerful denial of service (DoS) attacks, in addition to linking this case to other cybercriminal activities.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.