US Charges Russian Hacker for Role in Major Cyber Espionage Campaign
Severity: High (Score: 72.5)
Sources: Globalbankingandfinance, Channelnewsasia
Keywords: suspected, russian, hacker, facilitating, campaign, charges, cyber
Summary
Denis Obrezko, a 36-year-old suspected Russian hacker, was arrested in Thailand and is now in U.S. custody. He faces charges related to facilitating cyberattacks by the group Void Blizzard, which has targeted numerous U.S. companies. The group, active since April 2024, is linked to mass email harvesting and espionage activities against NATO member states and Ukraine. The FBI has identified at least 11 hacked U.S. companies, indicating a broader impact. Obrezko is charged with conspiring to access protected computers and is currently held without bond. The case is being prosecuted by the U.S. Department of Justice's National Security Division. Microsoft flagged Void Blizzard in May 2025 as a significant threat to organizations aligned with Russian government objectives.

Key Points:
- Denis Obrezko has been charged with facilitating cyberattacks by the group Void Blizzard.
- Void Blizzard has targeted at least 11 U.S. companies and is linked to mass email harvesting.
- The group has been active since April 2024, focusing on organizations in NATO and Ukraine.
Detailed Analysis
**Impact** At least 11 U.S. companies across multiple sectors have been compromised, with the actual number of victims believed to be higher. Targeted sectors include government, defense, transportation, media, healthcare, and non-governmental organizations primarily in NATO member states and Ukraine. The campaign involved mass email harvesting and unauthorized access, posing risks to sensitive business and operational data relevant to national security and critical infrastructure.

**Technical Details** The threat actor, Denis Obrezko, facilitated attacks by acquiring virtual private servers and domain names via cryptocurrency transactions. The group Void Blizzard has been active since at least April 2024, conducting cyber espionage aligned with Russian government objectives. The primary tactic involved mass email harvesting to enable unauthorized access to protected computers. Specific malware, CVEs exploited, or detailed IOCs were not disclosed in the available reports.

**Recommended Response** Organizations should monitor for suspicious mass email activity and unauthorized access attempts, especially those involving newly registered domains and VPN usage linked to cryptocurrency payments. Deploy email filtering and anomaly detection tools focused on credential harvesting and phishing campaigns. Harden access controls and review logs for unusual authentication patterns. No specific patches or IOCs were provided; continuous monitoring of related infrastructure and threat intelligence updates is advised.
Source articles (2)
- US charges suspected Russian hacker with facilitating cyber campaign — Channelnewsasia · 2026-06-10
  BOSTON, June 10 : A suspected Russian hacker is now in U.S. custody following his arrest in Thailand last year and has been charged with facilitating a campaign of cyberattacks carried out by a Russia…
- US charges suspected Russian hacker with facilitating cyber campaign — Globalbankingandfinance · 2026-06-10
  BOSTON, June 10 (Reuters) - A suspected Russian hacker is now in U.S. custody following his arrest in Thailand last year and has been charged with facilitating a campaign of cyberattacks carried out b…
Timeline
- 2024-04-01 — Void Blizzard begins operations: The group Void Blizzard has been active since at least April 2024, targeting various sectors in NATO member states and Ukraine.
- 2025-05-01 — Microsoft flags Void Blizzard: Microsoft identified Void Blizzard as a new cyber espionage group targeting organizations aligned with Russian government objectives.
- 2026-06-10 — Obrezko arrested and charged: Denis Obrezko, now in U.S. custody, was charged in a Boston federal court with facilitating cyberattacks by Void Blizzard.
Related entities
- Void Blizzard (APT Group)
- Data Breach (Attack Type)
- Russia (Country)
- Thailand (Country)
- Ukraine (Country)
- United States (Country)
- Defense (Industry)
- Government (Industry)
- Healthcare (Industry)
- Media (Industry)
- Non-governmental Organizations (Industry)
- Transportation (Industry)