Boston, June 10 - Federal authorities say a suspected Russian hacker is now in U.S. custody after being arrested in Thailand last year and has been charged in connection with a widespread campaign of cyber intrusions that targeted many American companies.
Prosecutors identified the defendant as Denis Obrezko, 36, who made an initial appearance in federal court in Boston on Tuesday. The Justice Department alleges the case is linked to a broad cyber espionage operation carried out by a group referred to as Void Blizzard.
Obrezko faces a charge of conspiring to commit unauthorized access to a protected computer. Court records indicate he is being detained without bond. The matter is being prosecuted by the U.S. Department of Justice's National Security Division.
Requests for comment on Wednesday to the Justice Department and to the court-appointed attorney representing Obrezko were not immediately answered, according to court filings.
Government filings and public reporting cited in the case describe Void Blizzard as a Russia-aligned group that Microsoft identified in a May 2025 report as a newly observed actor conducting cyber espionage against organizations that are significant to Russian government objectives. According to that characterization, the group's activity has been ongoing since at least April 2024.
Microsoft's account, as reflected in the charging documents, said Void Blizzard has primarily focused on entities in NATO member states and in Ukraine. The group's targets have spanned a range of sectors, including government, defense, transportation, media, healthcare and non-governmental organizations.
In an affidavit filed by an FBI agent in support of the charges, authorities said much of Void Blizzard's work concentrated on mass email harvesting across diverse U.S. business sectors and industries. The FBI has identified at least 11 U.S. companies that were hacked, and the court filing states that figure likely represents only a portion of the group's victims.
Charging documents further allege that the FBI traced cryptocurrency transactions tied to Obrezko. Those transactions were used to purchase a virtual private server and a domain name that, according to the filings, were instrumental in mounting attacks on companies in the United States and elsewhere.
The charges against Obrezko allege his role in facilitating the technical infrastructure and operations that enabled unauthorized access to protected computer systems. The case remains under active prosecution by the National Security Division, and the court will handle subsequent proceedings as the matter moves forward.
While the filings outline links between Obrezko and elements of the campaign, the public record in the case leaves open the broader scope of Void Blizzard's activity beyond the incidents detailed by the FBI and Microsoft. The number of affected entities, the full geographic reach of the intrusions, and additional operational details are presented in the filings as limited to the information the agencies have been able to identify to date.