TrickBot malware dev pleads guilty, faces 35 years in prison

On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide.
According to court documents, a 40-year-old individual, also known as FFX, oversaw the development of TrickBot's browser injection component as a malware developer.
Allegedly, Dunaev's association with the TrickBot malware syndicate started in June 2016 after being hired as a developer following a recruitment test requiring him to create an app simulating a SOCKS server and to alter the Firefox browser.
"As set forth in the plea agreement, Vladimir Dunaev misused his special skills as a computer programmer to develop the Trickbot suite of malware," said U.S. Attorney Rebecca C. Lutzko.
"Dunaev and his codefendants hid behind their keyboards, first to create Trickbot, then using it to infect millions of computers worldwide - including those used by hospitals, schools, and businesses - invading privacy and causing untold disruption and financial damage."
The TrickBot malware helped its operators harvest personal and sensitive information and steal funds from their victims' banking accounts.
Dunaev entered a guilty plea for charges related to conspiracy to commit computer fraud and identity theft, alongside conspiracy charges for wire and bank fraud.
The initial indictment charged Dunaev and eight codefendants for their alleged involvement in developing, deploying, administering, and profiting from the Trickbot operation.
Dates | Code description
July 2016 - time of arrest | Modifying the Firefox web browser
December 2016 | Machine Query that lets TrickBot determine the description, manufacturer, name, product, serial number, version, and content of the root file directory of an infected machine
August 2016 - December 2018 | Code that grabs and saves from the web browser its name, ID, type, configuration files, cookies, history, local storage, Flash Local Shared Objects/LSO
October 2016 - time of arrest | Code that searches for, imports, and loads files in the web browser's 'profile' folders; these contain cookies, storage, history, Flash LSO cookies. It also connects to the browser databases to make queries and modify them
July 2016 - time of arrest | An executable app/utility to launch and manage a web browser
July 2016 - time of arrest | Code that collects and modifies data entries in Google Chrome LevelDB database, browsing history included
Dunaev is the second TrickBot gang malware developer arrested by the U.S. Department of Justice.
In February and September, the United States and the United Kingdom sanctioned a total of 18 Russian nationals associated with the TrickBot and Conti cybercrime gangs for their involvement in the extortion of at least $180 million from victims worldwide.
They warned that some Trickbot group members are associated with Russian intelligence services.
Initially focused on stealing banking credentials when it surfaced in 2015, the TrickBot malware evolved into a modular tool leveraged by cybercrime organizations such as Ryuk and Conti ransomware for initial access into compromised corporate networks.
Following several takedown attempts, the Conti cybercrime gang gained control of TrickBot, harnessing it to develop more sophisticated and stealthy malware strains, including Anchor and BazarBackdoor.
An anonymous figure using the TrickLeaks moniker began leaking details about the TrickBot operation, further outlining its links with the Conti gang.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 01 Dec 2023 21:55:18 +0000

