A Russian national has been sentenced in the US to five years and four months in prison for his role in the development and distribution of the TrickBot malware.
On November 30, 2023, the man, Vladimir Dunaev, 40, of Amur Oblast, Russia, admitted in court to his role in the TrickBot scheme, which caused tens of millions of dollars in losses to organizations worldwide, including schools and hospitals.
Taken down in 2022, TrickBot had infected millions of computers worldwide since 2016, stealing sensitive information, including banking credentials, credit card numbers, and personal information, and being used to deploy other malware families, including ransomware such as Ryuk and Conti.
Involved in the TrickBot operation between 2015 and 2020, Dunaev created tools for credential harvesting and information theft, facilitated remote access to victim machines, and enhanced TrickBot’s evasion capabilities.
According to the US Department of Justice, during Dunaev’s involvement in the scheme, ransomware deployed via TrickBot was used to defraud 10 victims in the US, including schools and a real-estate company, of more than $3.4 million.
Dunaev, who was extradited to the US in 2021 following his arrest in South Korea, was indicted along with six other defendants for their involvement in the development, deployment, and management of TrickBot.
“Dunaev’s case demonstrates that the Justice Department and our office will use all available resources to investigate and prosecute cybercrime, and we thank our international partners for their cooperation in helping us stop cybercriminals like Dunaev and bring them to justice,” U.S. Attorney Rebecca C. Lutzko commented.