UPDATED 13:09 EDT / SEPTEMBER 08 2023

SECURITY

New charges filed against Trickbot ransomware gang

The malware gang behind the Trickbot ransomware exploits, also known as Conti, faces a new series of charges by both the U.S. and the U.K. governments.

The charges, filed yesterday, reveal the actual identities of the criminals, who will probably never see a courtroom, let alone a prison, anywhere in the world. Nevertheless, they represent a continued law enforcement effort to bring international cyber criminals to justice and disrupt their operations.

Earlier this year, seven Russian nationals received sanctions for activities going back to 2016 that began with a huge botnet designed to steal banking credentials and eventually moved into cryptocurrency thefts. “Trickbot has since evolved into a highly modular malware suite that enables a variety of malicious cyber activities, including ransomware,” according to the U.S. Justice Department blog post describing the operation. This week’s legal actions named 11 new individuals in an indictment unsealed by the DOJ, some of whom are shown below.

The new crowd are all Russian nationals and had various roles in the enterprise, including software developers, payment administrators, several midlevel managers and Andrey Zhuykov, who was identified as “a central actor and senior administrator in the group.”

The group was estimated to have stolen at least £27 million from 149 U.K. victims, and an additional $800 million elsewhere around the globe.

“These criminals thought they were untouchable, but our message is clear: we know who you are and, working with our partners, we will not stop in our efforts to bring you to justice,” said Rob Jones, the U.K. National Crime Agency’s director general of operations.

All of the group’s members are now subject to a variety of legal restrictions including travel bans and asset freezes, along with checks to block any transactions that might appear in legitimate global financial networks.

The members charged this week and earlier this year have dual identities in the Conti and Trickbot criminal organizations. Conti was taken down last year, but these members continued to operate. One of its ransomware calling cards was Qakbot, which was taken down by the FBI late last month.

Photo: UK NCA
