The US Department of Justice (DOJ) announced that a Russian national has been found guilty in connection with his role in developing and deploying malware called TrickBot.
Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the US a month later.
“Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data mining from infected computers, facilitated and enhanced the remote access used by TrickBot actors, and created a program code to prevent the TrickBot malware from being detected by legitimate security software,” the DoJ said.
“During Dunaev’s participation in the scheme, 10 victims in the Northern District of Ohio, including Avon Schools and a North Canton real-estate company, were defrauded of more than $3.4 million via ransomware deployed by TrickBot.”
Dunaev, who pleaded guilty to conspiracy to commit computer fraud and identity theft and wire fraud and bank fraud, faces a maximum of 35 years in prison. He is scheduled to be sentenced on March 20, 2024.
Dunaev is also the second Trickbot gang malware developer to be arrested, after Latvian citizen Alla Witte, who was sentenced to two years and eight months in prison in June 2023.
The development came nearly three months after the U.K. and U.S. government sanctions 11 individuals suspected of being part of the TrickBot cybercrime group.
Trickbot, which began as a banking Trojan in 2016, evolved into a multi-purpose tool capable of delivering additional payloads to infected hosts and acting as an early access facilitator for ransomware attacks.
After evading law enforcement to destroy the botnet, the notorious Conti ransomware crew gained control of the operation. However, both Conti and Trickbot suffered a major blow following Russia’s invasion of Ukraine last year, when Conti pledged allegiance to Russia.
This led to a series of leaks called ContiLeaks and TrickLeaks, which gave valuable information about their internal chats and infrastructure, which ultimately resulted in the closure of Conti and its disintegration into several other groups.
