Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Crime Security The Courts United Kingdom

US, UK Sanction 7 Men Tied To Trickbot Hacking Group (krebsonsecurity.com) 5

An anonymous reader quotes a report from KrebsOnSecurity: Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into "a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks," the Treasury Department said.

"During the height of the COVID-19 pandemic in 2020, Trickbot targeted hospitals and healthcare centers, launching a wave of ransomware attacks against hospitals across the United States," the sanctions notice continued. "In one of these attacks, the Trickbot Group deployed ransomware against three Minnesota medical facilities, disrupting their computer networks and telephones, and causing a diversion of ambulances. Members of the Trickbot Group publicly gloated over the ease of targeting the medical facilities and the speed with which the ransoms were paid to the group."

Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. According to the Treasury Department, the alleged senior leader of the Trickbot group is 34-year-old Russian national Vitaly "Bentley" Kovalev. A New Jersey grand jury indicted Kovalev in 2012 after an investigation by the U.S. Secret Service determined that he ran a massive "money mule" scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States. The 2012 indictment against Kovalev relates to cybercrimes he allegedly perpetrated prior to the creation of Trickbot.
A copy of the now-unsealed 2012 indictment of Kovalev is here (PDF).
This discussion has been archived. No new comments can be posted.

US, UK Sanction 7 Men Tied To Trickbot Hacking Group

Comments Filter:
  • Color me entirely not surprised. Place has become the new Nigeria when it comes to online scam HQ.

    • by Moryath ( 553296 )

      Russia has always been HQ for organized-crime attacks like this.

      "Nigerian Prince" scams (advance-fee scams) were low-hanging-fruit attacks, and while Nigeria went big in the news for a while, have been tied to any number of countries largely because they don't require much setup and can be run by a solo operator.

      India is the haven for call-center scams [youtube.com] because after everyone else on the world realized Indian tech support call centers are shit, they suddenly had a bunch of unemployed barely-competent cal

    • New?

      The RBN [wikipedia.org] has existed since at least 2006.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...