Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree

26.01.2024

 

Russian national Vladimir Dunaev, aged 40, has been sentenced to a prison term of five years and four months for his involvement in the creation and distribution of the TrickBot malware, as reported by the U.S. Department of Justice (DoJ). This verdict follows Dunaev’s guilty plea, submitted nearly two months ago, wherein he admitted to charges of computer fraud, identity theft, and conspiracy to commit wire and bank fraud.

The DoJ disclosed that TrickBot, initially a banking trojan dating back to 2016, evolved into a versatile tool capable of deploying various payloads, including ransomware. The malware caused significant financial losses to millions of victims, including hospitals, schools, and businesses. After attempts to dismantle the botnet, it became part of the Conti ransomware operation in 2022.

The allegiance of the cybercrime group to Russia during the Russo-Ukrainian war resulted in the release of leaked information, known as ContiLeaks and TrickLeaks, leading to the group’s shutdown in mid-2022. This fragmentation resulted in the emergence of multiple other ransomware and data extortion groups.

Dunaev was responsible for providing specialized services and technical expertise to advance the TrickBot scheme from June 2016 to June 2021. He developed browser modifications and malicious tools to extract credentials and sensitive data from compromised systems, as well as enabling remote access. Additionally, he designed programs to evade detection by legitimate security software.

This sentencing update follows the imprisonment of another TrickBot developer, Alla Witte, a Latvian national, who received a two-year and eight-month sentence in June 2023.

In related news, financial sanctions were recently imposed by the governments of Australia, the U.K., and the U.S. on Alexander Ermakov, a Russian national affiliated with the REvil ransomware gang. Ermakov, known by various online aliases such as blade_runner and JimJones, orchestrated the 2022 attack against health insurance provider Medibank. Intel 471, a cybersecurity firm, revealed Ermakov’s involvement in cybercriminal activities, including network intrusions, malware development, and ransomware attacks. His active role in the cybercrime-as-a-service economy was evident, encompassing both legitimate and criminal software development through a software development company with which he was associated.

Other news

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023

The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic.

Read More

Former CIA software engineer who leaked to WikiLeaks sentenced to 40 years

A former CIA software engineer has been sentenced to 40 years in prison for leaking classified information and possessing child sexual abuse material.

Read More
en_USEnglish