Thai authorities confirmed the detention of an internationally recognized hacker who is wanted by the United States for cyberattacks against government agencies. The suspect was later identified by Russian state media as Denis Obrezko, a 35-year-old from Stavropol with a professional history in prominent Russian IT companies where he focused on creating advanced systems for domestic industries.
Obrezko’s detention occurred on November 6 in Phuket during a collaborative operation between the FBI and the Thai police, according to reports from local media citing law enforcement. Police conducted a raid on his hotel room on the resort island just a week after his arrival and confiscated various items, including laptops, mobile phones, and digital wallets.
Following his arrest, the suspect was reportedly being held in Bangkok awaiting extradition proceedings to the United States. His family has confirmed his arrest and stated that they are engaging legal counsel to contest his transfer to American jurisdiction. The Russian embassy in Bangkok has also formally requested consular access to Obrezko.
While Thai officials have refrained from publicly naming the individual, local police sources disclosed to CNN that the suspect, Obrezko, is allegedly a member of the Russia-affiliated hacking group known as Void Blizzard, which is also tracked under the name Laundry Bear. This group was first detailed earlier this year in a report published by Microsoft.
In its May report, Microsoft classified Void Blizzard as a relatively recent advanced persistent threat (APT) espionage group that operates in service of Russian government interests. This group has systematically targeted organizations spanning government, defense, transportation, media, NGOs, and healthcare sectors, with its efforts primarily focused on North America and Europe. The threat actor typically gains unauthorized entry into networks by using either purchased or stolen credentials, followed by the exfiltration of substantial volumes of internal documents and emails. Given its high volume of activity against critical sectors, Microsoft warned that the group “poses a heightened risk to NATO member states and allies to Ukraine in general.”
Reference:
