A Latvian woman has been charged with developing malicious software used by a cybercrime organization that infected computers worldwide and looted bank accounts of millions of dollars, the Justice Department said Friday.
Alla Witte is charged as part of a 47-count indictment with participating in an organization known as the Trickbot Group, which authorities say operated in Russia and several other countries. The group is accused of infecting millions of computers worldwide with malware that targeted hospitals, schools, governments, businesses and other entities.
Witte, who authorities say previously lived in Suriname, was arrested in Miami in February. She was arraigned Friday in federal court in Cleveland, according to the Justice Department.
The prosecution, which the Justice Department says is part of its newly developed ransomware task force, comes as the Biden administration confronts a growing scourge of ransomware attacks that have targeted crucial supply chains including meat and fuel. The White House, which has also been contending with cyberespionage campaigns aimed at U.S. government agencies, issued a memo this week underscoring that the fight against ransomware is a top priority.
“These charges serve as a warning to would-be cybercriminals that the Department of Justice, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use all the tools at our disposal to disrupt the cybercriminal ecosystem,” Deputy Attorney General Lisa Monaco said in a statement.
The indictment accuses Witte of participating in a scheme to steal millions of dollars from entities across the world by infecting computers with malware that captured personal information — such as credit card numbers and passwords — and gave TrickBot members access to the victims’ networks.
Among the targets identified in the indictment are real estate and law firms, country clubs, public school districts and other companies.
Prosecutors say Witte worked as a malware developer for the group, writing code related to ransomware that told victims that they’d need to acquire special software to decrypt their files. She’s also accused of providing code that monitored and tracked authorized users of the malware.
In October, weeks before the 2020 presidential election, Microsoft announced legal action to disrupt TrickBot in an operation aimed at knocking offline command-and-control servers.
The indictment, which includes multiple other defendants whose names have been blacked out, includes charges of conspiracy to commit computer fraud, aggravated identity theft and other crimes.
It was not immediately clear if Witte had a lawyer.
Related: U.S. Charges 22 in Stolen Payment Cards Crackdown
Related: QQAAZZ Group Charged for Helping Banking Trojan Operators Launder Money

More from Associated Press
- National Security Agency is Starting an Artificial Intelligence Security Center
- A Key US Government Surveillance Tool Should Face New Limits, a Divided Privacy Oversight Board Says
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies
- MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks
- California Law Restricting Companies’ Use of Information From Kids Online Is Halted by Federal Judge
- Two Vegas Casinos Fell Victim to Cyberattacks, Shattering the Image of Impenetrable Casino Security
- TikTok Is Hit With $368 Million Fine Under Europe’s Strict Data Privacy Rules
Latest News
- Synqly Joins Race to Fix Security, Infrastructure Product Integrations
- ZDI Discusses First Automotive Pwn2Own
- Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies
- US Executives Targeted in Phishing Attacks Exploiting Flaw in Indeed Job Platform
- Actor Tom Hanks Warns of Ad With AI Imposter
- Network, Meet Cloud; Cloud, Meet Network
- Dozens of Malicious NPM Packages Steal User, System Data
- Motel One Discloses Ransomware Attack Impacting Customer Data
