Security News > 2023 > February > U.S. and U.K. sanction TrickBot and Conti ransomware operation members

U.S. and U.K. sanction TrickBot and Conti ransomware operation members
2023-02-09 15:21

The United States and the United Kingdom have sanctioned seven Russian individuals for their involvement in the TrickBot cybercrime group, whose malware was used to support attacks by the Conti and Ryuk ransomware operation.

TrickBot is a cybercrime gang responsible for developing numerous malware families, such as the eponymous TrickBot malware, BazarBackdoor, Anchor, and BumbleBee.

The TrickBot group was later taken over by the Conti ransomware gang, who took charge of developing the group's malware to support their own ransomware attacks.

The sanctions come after a massive trove of internal conversations, and personal information was leaked from Conti and TrickBot members in what was called the ContiLeaks and TrickLeaks.

These data breaches ultimately led to the Conti gang shutting down their operation and their members starting new ransomware operations or joining existing ones.

As these individuals likely moved on to other ransomware operations after the Conti operation shut down, this action could also significantly hamper the payment of ransoms to other ransomware gangs known to have members previously affiliated with Conti.


News URL

https://www.bleepingcomputer.com/news/security/us-and-uk-sanction-trickbot-and-conti-ransomware-operation-members/