A suspected member of the Trickbot hacking group has been extradited to the United States and brought to justice there after being discovered in South Korea. The 38-year-old Vladimir Dunaev is accused of developing and distributing malware and banking Trojans as part of the international criminal group called Trickbot. He faces up to 60 years in prison.
To US Department of Justice information the Trickbot group came about from hackers who developed the banking Trojan Dyre. The banking Trojan Dyre ran out of breath at the end of 2015 after the Dyre botnet was shut down after a raid. As a result, Dunaew and other defendants developed the Trickbot malware.
According to the indictment, this malware infected millions of computers worldwide between November 2015 and August 2020 in order to steal money and confidential information. Individuals, financial institutions, schools, utilities, government agencies and private companies are named as victims.
Responsible for malware
As part of the Trickbot group, Dunaew was responsible for developing the malware. He also programmed appropriate extensions for popular browsers and helped to hide the malware from security software. The complaint lists several people as defendants, but their names have been blacked out except for Dunaew and Alla Witte. Witte was arrested in Miami in February.
The 55-year-old Latvian is also charged with being a member of the Trickbot group. The woman is accused of having written malicious code for trickbot distribution and for processing the victims’ payments. Their code was also alleged to have been used to monitor gang members.
Trickbot malware turned into ransomware
According to the lawsuit, the Trickbot malware was initially developed to collect login data for online banking and to collect other personal information such as credit card numbers, passwords and social security numbers via keylogging. The Trickbot software was later expanded to facilitate the installation and use of ransomware.
Dunaev was first searched for in the Yakutsk region in Russia and in Southeast Asia, but was then found in South Korea. He was extradited on October 20 and had his first appointment in the US Federal District Court for Eastern Ohio on October 28. There is the case USA v. Vladimir Dunaev, Alla Witte, et al pending under reference number 1: 20-CR-440. The charges include computer fraud, grave identity presumption, bank and transaction fraud conspiracy, bank fraud, and money laundering conspiracy.