Caught in Thailand: Russian Hacker Linked to £1B Crypto Laundering Nabbed at Phuket Resort

A Russian hacker linked to extensive cyberattacks across Europe and the United States has been arrested at a luxury resort in Phuket, after intelligence from the FBI prompted Thai authorities to track him down.

The suspect, identified by Russian state media as 35-year-old Denis Obrezko, is accused of working with Void Blizzard, a state-aligned cyber gang involved in sophisticated espionage, credential theft and large-scale laundering operations.

How a 'World-Class Hacker' Slipped Into Thailand

Obrezko arrived in Thailand on 30 October, blending into the steady flow of tourists visiting Phuket. According to The Telegraph, he checked into a resort hotel and remained there for a week before Thai police executed an arrest warrant.

Officers raided his room on 6 November, seizing laptops, mobile phones and multiple digital wallets believed to contain stolen or laundered assets. Thai authorities confirmed that the operation followed a tip from the FBI warning that a 'world-class hacker' was travelling through the region.

The Thai Cyber Crime Investigation Bureau later announced that the arrest was made under an international warrant tied to cyber crimes committed against government agencies in the United States and Europe. The suspect was transported to Bangkok, where he remains in custody as he awaits possible extradition to the US.

Inside the Cyber Gang Behind the Attacks

Microsoft's threat intelligence division identified Void Blizzard, also called 'Laundry Bear', as a major Russian-affiliated cyber espionage group operating since April 2024. The group has targeted NATO members, Ukraine and organisations connected to defence, transportation and healthcare. Investigators say the gang specialises in spear phishing and credential theft, with attacks designed to infiltrate sensitive systems and collect intelligence that could support Russian strategic objectives.

According to the NY Times report, Void Blizzard overlaps with other Russian state-linked groups, including Forest Blizzard and Midnight Blizzard. These groups have previously targeted air traffic controllers, aviation companies and non-governmental organisations through password spraying and spoofed defence-summit emails. In one April 2025 campaign, Void Blizzard reportedly posed as the organiser of a European defence conference and sent fake PDF attachments to 20 organisations across Europe and the US.

Officials Stay Silent as Extradition Battle Begins

While Russian state media was quick to identify Obrezko, Thai police initially withheld his name. The US Department of Justice and State Department both declined to comment when asked about extradition. Russian officials in Thailand also refused to respond to media inquiries, though a consular representative confirmed that diplomats visited Obrezko in prison and were arranging family access.

According to Yahoo News, Obrezko's relatives intend to fight extradition, a process that could take months while courts weigh the US request. Thailand has said the formal paperwork has been received, but no timeline has been announced for a final ruling.

Reports of a Second Arrest Prove False

Several outlets earlier claimed that another Russian hacker with ties to military intelligence had been detained in Phuket the day after Obrezko's arrest. However, Thai police issued a clarification that there had been only one arrest and stated that the second suspect, Aleksey Lukashev, 'remains a wanted fugitive'.

Why This Arrest Matters Globally

Obrezko's capture represents a major step in the international effort to disrupt Russian-affiliated cyber groups. The hacking networks connected to Void Blizzard have targeted critical sectors across multiple countries, placing governments on high alert. Thai authorities say cooperation with the FBI was essential to locating the suspect quickly.

As investigators process the devices seized at the Phuket resort, agencies in both Europe and the United States expect new details to emerge about the scale of Void Blizzard's operations, and the millions, possibly billions, of pounds in stolen or laundered assets linked to the group.