US readies prison cell for another Russian Trickbot dev The Register

Another member of the Trickbot malware crew now faces a lengthy prison sentence amid US law enforcement's ongoing search for its leading members.
Russian national Vladimir Dunaev, 40, faces a maximum sentence of 35 years in prison for his involvement in the now-shuttered Trickbot malware, which was often used to deploy ransomware.
Pleading guilty to the charges against him on Thursday, Dunaev was one of the developers behind Trickbot - malware that was used to attack various organizations including hospitals and schools.
The Department of Justice said that tens of millions of dollars in losses have been incurred by Trickbot victims since it was first launched in 2016.
"As set forth in the plea agreement, Vladimir Dunaev misused his special skills as a computer programmer to develop the Trickbot suite of malware," said Rebecca C Lutzko, US attorney for the Northern District of Ohio, in response to Dunaev's plea hearing.
"Dunaev and his codefendants hid behind their keyboards, first to create Trickbot, then using it to infect millions of computers worldwide - including those used by hospitals, schools, and businesses - invading privacy and causing untold disruption and financial damage."
Dunaev was extradited to the US from the Republic of Korea in 2021 and joins a growing list of Trickbot members firmly in the crosshairs of US prosecutors.
Earlier that year, fellow Trickbot developer Alla Witte, 55, was snared by the DoJ and faced a 47-count indictment, potentially leading to a lifetime sentence.
Witte was sentenced in June 2023 and ultimately received just two years and eight months in prison.
In September this year, the US and UK jointly issued financial sanctions on 11 other members of Trickbot, all believed to hold roles in the development or administration of the malware.
These were the second round of sanctions against members of the group, with the first coming earlier in February.
Seven individuals were named in what was the UK's first-ever cybercrime-related round of sanctions.
The UK's National Crime Agency said the group had extorted at least $180 million from victims globally, at least $34 million of which came from 149 victims in the UK. Trickbot started life as a banking trojan and is widely believed to be the successor to the Dyre malware, another banking trojan first spotted two years earlier in 2014.
The code similarities between the two led researchers to believe the same team behind Dyre may have also helped bring Trickbot to life, though US prosecutors have made no such links.
From its birth in 2016, Trickbot was under consistent active development with new features regularly being added to the kit, including wormabilty in 2017 - a feature that researchers at Malwarebytes believe was inspired by WannaCry and EternalPetya.
Over the years it's helped deploy ransomware variants such as Ryuk and was a long-time partner of Emtotet, even playing a role in its 2021 rebirth just six months after an internationally coordinated law enforcement effort brought it down.
Many of its members were thought to have already shifted to the hugely successful Conti ransomware gang.
The Russia-linked group behind Trickbot, Conti, and Ryuk is Wizard Spider, which has also attracted heavy attention from the US, including multimillion-dollar bounties for information about its members.
According to the list of sanctioned individuals tied to Trickbot, it even has normal-sounding job titles such as human resources officers.
Should the links to Russia be true, it's unlikely the sanctioned individuals will ever be extradited and face their charges, unless they enter a country with an extradition agreement with the US. .


This Cyber News was published on go.theregister.com. Publication date: Fri, 01 Dec 2023 23:06:57 +0000


Cyber News related to US readies prison cell for another Russian Trickbot dev The Register

US readies prison cell for another Russian Trickbot dev The Register - Another member of the Trickbot malware crew now faces a lengthy prison sentence amid US law enforcement's ongoing search for its leading members. Russian national Vladimir Dunaev, 40, faces a maximum sentence of 35 years in prison for his involvement ...
10 months ago Go.theregister.com
TrickBot malware dev pleads guilty, faces 35 years in prison - On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide. ...
10 months ago Bleepingcomputer.com
Russian developer of Trickbot malware pleads guilty, faces 35-year sentence - A Russian national pleaded guilty in federal court in Cleveland on Thursday to charges related to his involvement in developing and deploying the malicious software known as Trickbot. He faces a maximum penalty of 35 years, the U.S. Department of ...
10 months ago Therecord.media
Russian TrickBot Malware Developer Pleaded Guilty - Vladimir Dunaev, a resident of Amur Blast and aged 40, has confessed to creating and distributing Trickbot malware. The purpose of the malware was to launch cyberattacks against various American hospitals and companies. Trickbot has a collection of ...
8 months ago Gbhackers.com
Russian TrickBot Malware Developer Sentenced to Prison in US - A Russian national has been sentenced in the US to five years and four months in prison for his role in the development and distribution of the TrickBot malware. On November 30, 2023, the man, Vladimir Dunaev, 40, of Amur Oblast, Russia, admitted in ...
8 months ago Securityweek.com
Trickbot malware developer sentenced to 5 years behind bars The Register - A former Trickbot developer has been sent down for five years and four months for his role in infecting American hospitals and businesses with ransomware and other malware, costing victims tens of millions of dollars in losses. Vladimir Dunaev, of ...
8 months ago Go.theregister.com
Trickbot Malware Developer Pleads Guilty - A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware. Trickbot, a suite of malware tools, targeted hospitals and businesses, causing millions in losses. Trickbot is a sophisticated modular ...
9 months ago Gbhackers.com
Russian Pleads Guilty to Role in Developing TrickBot Malware - A Russian national has admitted to his role in developing and using the notorious TrickBot malware. Vladimir Dunaev, 40, pleaded guilty to his involvement in the development and deployment of the TrickBot malware, which was used in cyberattacks ...
10 months ago Securityweek.com
Russian Programmer Pleads Guilty to Trickbot Conspiracy - A Russian man has pleaded guilty to charges connected to his involvement in the infamous Trickbot malware. Vladimir Dunaev, 40, of Amur Blast, was indirectly responsible for cyber-attacks on hospitals, schools and businesses that resulted in tens of ...
10 months ago Infosecurity-magazine.com
FSB arrests Russian hackers working for Ukrainian cyber forces - The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Both suspects were taken into custody one same day in two different ...
10 months ago Bleepingcomputer.com
Britain and US Take Action Against Ransomware Criminals by Imposing Sanctions on Seven People - On Thursday, the United Kingdom and United States imposed sanctions on seven people linked to a single criminal network responsible for Conti and Ryuk ransomware gangs and the Trickbot banking trojan. This is the first major move of a new joint ...
1 year ago Therecord.media
Ukraine Arrests Hacker for Assisting Russian Missile Strikes - Ukrainian security services have arrested a hacker for allegedly targeting government websites and providing intelligence to Russia to carry out missile strikes on the city of Kharkiv. Security Service of Ukraine revealed that its cyber unit has ...
8 months ago Infosecurity-magazine.com
CVE-2023-52578 - In the Linux kernel, the following vulnerability has been resolved: ...
7 months ago
Penalties Imposed on Individuals Involved in TrickBot and Conti Ransomware Activities by the US and UK - Today, the United States and the United Kingdom have taken action against seven Russian individuals for their involvement in the TrickBot cybercrime group. This group is responsible for developing malware such as TrickBot, BazarBackdoor, Anchor, and ...
1 year ago Bleepingcomputer.com
US sanctions Russian for cleaning Ryuk's and oligarchs' cash The Register - A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her alleged role in moving hundreds of millions of dollars on behalf of oligarchs and ransomware criminals. Among these was her alleged ...
10 months ago Theregister.com
Detained Russian student allegedly helped Ukrainian hackers with cyberattacks - A Russian tech student could face treason charges for helping Ukrainian hackers carry out cyberattacks against Russia. A resident of the Siberian city of Tomsk, Seymour Israfilov was detained by Russian security services in October, but little ...
8 months ago Therecord.media
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
CVE-2023-52784 - In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been able to keep syzbot away from net/lapb, until today. ...
4 months ago Tenable.com
Ukraine says it hacked Russian aviation agency, leaks data - Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for ...
10 months ago Bleepingcomputer.com
Kazakhstan to extradite Russian cyber expert to Moscow despite US requests - Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow after refusing to send him to the U.S. Nikita Kislitsin, who was detained in Kazakhstan earlier in June at the request of the U.S., will face hacking and ...
9 months ago Therecord.media
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
Feds arrest Russians accused of tech smuggling operation The Register - Three Russian nationals were arrested in New York yesterday on charges of moving electronics components worth millions to sanctioned entities in Russia, pieces of which were later recovered on battlefields in Ukraine. Nikolay Goltsev, a ...
10 months ago Theregister.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
9 months ago Bleepingcomputer.com
Who Is Behind Pro-Ukrainian Cyberattacks on Iran? - COMMENTARY. Ukrainian cyber forces have attacked Russian infrastructure and assets almost since the first day of the Russian invasion of Ukraine on Feb. 24, 2022. While its mainstay is denial-of-service attacks that have knocked out the Russian ...
8 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)