A Russian TrickBot gang hacker charged for cybercrime has been extradited to the US. The Russian individual was arrested in South Korea last month and extradited to the US on October 20 to face charges for his alleged role as a member of the TrickBot gang.
Vladimir Dunaev, 28, along with other members of the TrickBot gang stole money and confidential information from unsuspecting victims, this included individuals, financial institutions, school districts, utility companies, government entities, and private businesses.
TrickBot started off as a banking trojan in 2016, later evolved into a modular, multi-stage Windows-based crimeware solution. It was capable of pilfering valuable personal and financial information, and even dropping ransomware and post-exploitation toolkits on compromised devices. The malware has given a hard time to security agencies, which can be seen from the fact that it managed to survive at least two takedowns spearheaded by Microsoft and the U.S. Cyber Command a year ago.
Earlier this year the US government charged a 55-year-old woman from Latvia, Alla Witte. According to the prosecutors she worked as a programmer, supervised the code creation related to monitoring and tracking of authorized users of the Trickbot malware. While Dunaev is the other person arrested in 2021 in this case. Dunaev has admitted to working as a developer for the group, he was in charge of creating, deploying, and managing the Trickbot malware beginning in November 2015. He also supervised the execution of the malware and designed Firefox web browser modifications and helped to hide the malware from detection by security software.
According to a South Korean media report, Dunaev was arrested (then identified only as “Mr. A”) at the Incheon International Airport while attempting to escape to Russia after being stranded in the country for over a year due to COVID-19. He was forced to stay in a hotel while his passport was reissued, earlier the passport expired in the interim period since he arrived in February 2020.
Once the passport was reissued, he tried to head over to Russia. Later was arrested and will be extradited to the US. He is charged with conspiracy to commit computer fraud and aggravated identity theft, conspiracy to commit wire and bank fraud, conspiracy to commit money laundering, and multiple counts of wire fraud, bank fraud, and aggravated identity theft. He will have to face a prison term of 60 years if proven guilty.
Deputy Attorney General Lisa O. Monaco in a statement said, “Trickbot attacked businesses and victims across the globe and infected millions of computers for theft and ransom, including networks of schools, banks, municipal governments, and companies in the health care, energy, and agriculture sectors.”