Vladimir Dunaev, a resident of Amur Blast and aged 40, has confessed to creating and distributing Trickbot malware.
The purpose of the malware was to launch cyberattacks against various American hospitals and companies.
Trickbot has a collection of malware tools created to steal money and make ransomware deployment easier.
Among the millions of Trickbot victims who lost tens of millions of dollars were hospitals, schools, and companies.
The malware was utilized to support many ransomware strains when it was operational, and it served as an initial intrusion vector into victim computer systems.
The U.S. Justice Department said Dunaev contributed specialized skills and technical expertise to support the Trickbot scheme.
He pled guilty to charges of computer fraud, identity theft, and conspiring to commit bank and wire fraud.
Dunaev developed malicious tools and browser modifications that made it easier to access credentials and mine data from compromised systems.
He also developed program code that made it harder for legitimate security software to detect the Trickbot malware.
Using ransomware deployed by Trickbot, 10 victims in the Northern District of Ohio-including Avon schools and a real estate company in North Canton-were scammed out of about $3.4 million during Dunaev's operation.
Trustifi's Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user's mailbox.
Dunaev was brought to the Northern District of Ohio in 2021 from the Republic of Korea and entered a guilty plea to charges of conspiring to commit bank and wire fraud, identity theft, and computer fraud.
He will be sentenced on March 20, 2024, and the maximum term for both charges is 35 years in prison.
Dunaev and eight other defendants were accused in the initial indictment returned in the Northern District of Ohio for their claimed roles in developing, deploying, managing, and profiting from Trickbot.
One of Dunaev's associates, Alla Witte, a Latvian national and developer of the Trickbot malware, pleaded to conspiracy to conduct computer fraud in June and was given a two-year and eight-month prison sentence.
Financial sanctions were imposed on some alleged Trickbot members by the Treasury Department's Office of Foreign Assets Control in February and September.
This Cyber News was published on gbhackers.com. Publication date: Fri, 26 Jan 2024 16:13:03 +0000