A Russian national with suspected links to the Void Blizzard hacking group appeared in U.S. federal court this week on charges of supporting a Kremlin-linked cyberespionage campaign that targeted U.S. companies, according to media reports.
Denis Obrezko, 36, made his initial appearance in federal court in Boston on Tuesday after being transferred to U.S. custody from Thailand, where he was arrested last November.
Russian state media previously reported that Obrezko is a native of the southwestern Russian city of Stavropol and had worked for Russian technology companies developing high-tech systems for domestic industries.
U.S. prosecutors allege that Obrezko helped the Russian state-linked threat actor Void Blizzard gain unauthorized access to computers by providing infrastructure used to support the group’s cyber operations, Reuters reported on Thursday.
The Justice Department, which is prosecuting the case, did not respond to a request for comment.
Obrezko reportedly remains in custody as the case moves forward. Prosecutors allege that cryptocurrency transactions linked to him were used to purchase a virtual private server and internet domain that facilitated attacks against organizations in the United States and other countries.
According to an FBI affidavit filed in the case, investigators have identified at least 11 U.S. companies that were compromised, although authorities believe the actual number of victims is significantly higher.
Thai authorities arrested Obrezko in early November during a joint operation with the FBI on the resort island of Phuket after raiding his hotel room, where investigators seized laptops, mobile phones and cryptocurrency wallets.
Russian diplomats later visited Obrezko in detention and sought his return to Russia, while Moscow separately placed him on an international wanted list earlier this year.
Researchers have described Void Blizzard as a relatively new threat group operating in support of Russian government interests. The hackers have targeted government agencies, defense contractors, transportation companies, media organizations, healthcare providers and nongovernmental organizations across Europe and North America, typically using purchased or stolen credentials to infiltrate networks and steal emails and internal documents.
Recorded Future
Intelligence Cloud.
Click Here For The Original Source.
