A 40-year-old Russian man has been sentenced to five years and four months in prison by a U.S. court for his role in the Trickbot gang that deployed ransomware and stole money and sensitive information from businesses around the world.
Vladimir Dunaev, from the Amur region in Russia’s Far East, is a key member of the Trickbot cybercrime gang, which is notorious for its sophisticated data-stealing trojans that defrauded the United States, United Kingdom, Innocent internet users in Australia, Canada, Germany, India, Italy and elsewhere.
It is estimated that millions of PCs around the world have been infected by Trickbot, stealing bank passwords, payment card details, Social Security numbers and dates of birth from individuals, financial institutions, hospitals, school leaders and government agencies. In recent years, Trickbot has also been used to spread ransomware.
Duanev is just one member of the Trickbot gang who helped develop the malware. His work included developing browser modifications for Chrome and Firefox browser malware, writing tools to help steal credentials and data from infected PCs, and hiding Trickbot from detection by security software.
Russian skills were also used to recruit other programmers into criminal gangs, manage servers used to deploy malware and launder stolen funds.
According to court documents, the Trickbot gang is believed to have defrauded victims of more than $3.4 million between October 2018 and February 2021.
Dunayev, who goes by the hacker handle “FFX”, was stranded at a South Korean airport during the Covid-19 pandemic and was extradited to the United States in 2021 after his arrest.
“This sentence demonstrates the department’s ability to put cyber criminals behind bars no matter where they are,” said Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division. “We will work with partners around the world to continue to bring cybercriminals to justice.”
In June 2023, one of Dunayev’s co-conspirators admitted his role in the conspiracy and was sentenced to two years and eight months in prison. Like Duanev, Alla “Max” Witte, 55, a Latvian mother of two living in Miami, is developing code for the TrickBot malware gang.
The initial indictment charged Dunaev, Witte and five others with participating in the development, deployment, administration and profiting from Trickbot.
Unfortunately, many members of the Trickbot group are believed to have moved on to other cybercriminal activities. This does not mean that law enforcement stands by and does nothing. Seven Russian men, some of whom are believed to have previously been involved with Trickbot, were sanctioned by the UK and US last year in the hope it would disrupt their operations.
