Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware

News

Dec 02, 2023NewsroomCybercrime / Malware

A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced.

Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later.

“Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data mining from infected computers, facilitated and enhanced the remote access used by TrickBot actors, and created a program code to prevent the TrickBot malware from being detected by legitimate security software,” the DoJ said.

“During Dunaev’s participation in the scheme, 10 victims in the Northern District of Ohio, including Avon schools and a North Canton real-estate company, were defrauded of more than $3.4 million via ransomware deployed by TrickBot.”

Cybersecurity

Dunaev, who pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud, faces a maximum of 35 years in prison. He is scheduled to be sentenced on March 20, 2024.

Dunaev is also the second TrickBot gang malware developer to be arrested after Alla Witte, a Latvian national who, was sentenced to two years and eight months in prison in June 2023.

The development came nearly three months after the U.K. and U.S. governments sanctioned 11 individuals suspected of being part of the TrickBot cybercrime group.

TrickBot, which started off as a banking trojan in 2016, evolved into a multi-purpose tool capable of delivering additional payloads to infected hosts and acting as an initial access facilitator for ransomware attacks.

Cybersecurity

After surviving law enforcement to dismantle the botnet, the infamous Conti ransomware crew gained control over the operation. However, both Conti and TrickBot suffered a major blow last year following Russia’s invasion of Ukraine, when Conti pledged allegiance to Russia.

This led to a series of leaks dubbed ContiLeaks and TrickLeaks that gave away valuable information about their internal chats and infrastructure, ultimately resulting in the shut down of Conti and its disintegration into numerous other groups.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Sophisticated TA397 Malware Targets Turkish Defense Sector
CISA and EPA Warn of Cyber Risks to Water System Interfaces
US Government Issues Cloud Security Requirements for Federal Agencies

Leave a Reply

Your email address will not be published. Required fields are marked *