Global Law Enforcement Operation Dismantles Notorious 8Base Ransomware Gang's Dark Web Sites
February 11, 2025
The seizure notice was first observed by security researchers on February 5, 2025, indicating the operation's recent execution.
Lucy Sneddon from the U.K.'s National Crime Agency confirmed the operation's authenticity, highlighting the collaborative efforts of various law enforcement agencies.
As part of Operation Phobos Aetor, Thai media reported the arrest of four European nationals linked to the group, which has been responsible for over 1,000 cyber attacks.
A coordinated law enforcement operation has successfully dismantled the dark web sites associated with the 8Base ransomware gang, involving international agencies from Europe, Japan, the U.S., and the U.K.
The Bavarian State Criminal Police Office led the seizure operation, which resulted in more than 40 pieces of evidence being collected, including digital devices and wallets.
Visitors to the now-seized data leak site are greeted with a notice from the Bavarian State Criminal Police Office, marking the end of its operations.
The suspects are linked to deploying Phobos ransomware against 17 companies in Switzerland, generating approximately $16 million in profits between April 2023 and October 2024.
In 2023, the U.S. government had issued warnings about the gang's indiscriminate targeting of various sectors, particularly in the healthcare industry.
8Base emerged as a significant player in the ransomware landscape in 2023, utilizing Phobos ransomware artifacts in their attacks.
The group has been known to employ various ransomware strains, including Phobos, which has connections to a significant Russian hacker extradited to the U.S.
First identified in 2022, the financially motivated 8Base gang is notorious for its double-extortion tactics, encrypting data and threatening exposure unless a ransom is paid.
Before the takedown, 8Base portrayed itself as 'honest and simple pentesters,' claiming to target only organizations neglecting data privacy.
Summary based on 2 sources
Get a daily email with more Tech stories
Sources

TechCrunch • Feb 10, 2025
Global police operation seizes 8base ransomware gang leak site | TechCrunch
The Hacker News • Feb 11, 2025
8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation