Russian TrickBot Gang Hacker Extradited to U.S. Charged with Cybercrime
A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group.
Having started out as a banking trojan in 2016, TrickBot has evolved into a modular, multi-stage Windows-based crimeware solution capable of pilfering valuable personal and financial information, and even dropping ransomware and post-exploitation toolkits on compromised devices.
On the legal front, the U.S. government earlier this year charged a 55-year-old Latvian woman named Alla Witte, who prosecutors said worked as a programmer "overseeing the creation of code related to the monitoring and tracking of authorized users of the Trickbot malware." Dunaev is the second Trickbot defendant to be arrested in 2021.
Dunaev, specifically, is said to have worked as a developer for the group, in charge of creating, deploying, and managing the Trickbot malware beginning in November 2015, while also overseeing the malware's execution, as well as designing Firefox web browser modifications and helping to hide the malware from detection by security software.
Once the passport was replaced, the defendant tried to leave for his native home in Russia, leading to his arrest pursuant to an extradition request from the U.S. Dunaev has been charged with conspiracy to commit computer fraud and aggravated identity theft, conspiracy to commit wire and bank fraud, conspiracy to commit money laundering, and multiple counts of wire fraud, bank fraud, and aggravated identity theft.
"Trickbot attacked businesses and victims across the globe and infected millions of computers for theft and ransom, including networks of schools, banks, municipal governments, and companies in the health care, energy, and agriculture sectors," said Deputy Attorney General Lisa O. Monaco in a statement.