A Russian national has been sentenced in the US to five years and four months in prison for his role in the development and distribution of the TrickBot malware.
On November 30, 2023, the man, Vladimir Dunaev, 40, of Amur Oblast, Russia, admitted in court to his role in the TrickBot scheme, which caused tens of millions of dollars in losses to organizations worldwide, including schools and hospitals.
Taken down in 2022, TrickBot had infected millions of computers worldwide since 2016, stealing sensitive information, including banking credentials, credit card numbers, and personal information, and being used to deploy other malware families, including ransomware such as Ryuk and Conti.
Involved in the TrickBot operation between 2015 and 2020, Dunaev created tools for credential harvesting and information theft, facilitated remote access to victim machines, and enhanced TrickBot's evasion capabilities.
According to the US Department of Justice, during Dunaev's involvement in the scheme, ransomware deployed via TrickBot was used to defraud 10 victims in the US, including schools and a real-estate company, of more than $3.4 million.
Dunaev, who was extradited to the US in 2021 following his arrest in South Korea, was indicted along with six other defendants for their involvement in the development, deployment, and management of TrickBot.
In February and September last year, the US slapped sanctions against members of the TrickBot group and announced charges against individuals believed to be involved in the malware's development.
This Cyber News was published on www.securityweek.com. Publication date: Fri, 26 Jan 2024 12:13:15 +0000