Connect with us

Hi, what are you looking for?



US, UK Sanction More Members of Trickbot Russian Cybercrime Group 

The US and UK have announced sanctions against 11 more alleged members of the Russian cybercrime group Trickbot. 

The United States and the United Kingdom on Thursday announced sanctions against more alleged members of the Russian cybercrime group named Trickbot. 

Earlier this year, the two countries sanctioned seven Russians for their alleged role in the Trickbot operation, and they have now announced sanctions against 11 additional individuals.

The latest sanctions target Andrey Zhuykov, described as a central actor and senior administrator; Maksim Galochkin, who led Trickbot testers; Maksim Rudenskiy, team lead for coders; Mikhail Tsarev, HR and finance manager; Dmitry Putilin, responsible for acquiring Trickbot infrastructure; Maksim Khaliullin, HR manager; Mikhail Chernov, in charge of internal utilities; Alexander Mozhaev, responsible for general administrative tasks; and coders Sergey Loguntsov, Vadym Valiakhmetov and Artem Kurov.

As a result of sanctions, these individuals can have their assets frozen, and entities in the US and UK are banned from doing business with them, which can also have an impact on ransomware payments.

In tandem with the sanctions, the US government announced charges against nine individuals over the development of the Trickbot malware, including seven of the newly sanctioned people and two of those targeted in the previous round of sanctions.

In addition, four of the individuals were indicted for their role in Conti ransomware attacks, each of them facing up to 25 years in prison. 

While it may be difficult for the US to apprehend these individuals given its current relations with Russia, there have been cases where Russian cybercriminals ended up being prosecuted in the United States after they traveled outside their country. This includes Trickbot developers

Advertisement. Scroll to continue reading.

The United States has been offering up to $10 million in rewards for information on Russian cybercriminals and individuals involved in state-sponsored operations

The cybercrime enterprise behind the Trickbot malware has been around for roughly a decade, targeting millions of computers worldwide as part of financially motivated operations aimed at businesses and individuals, including ransomware attacks and direct targeting of bank accounts. 

The US government says the Trickbot group has ties to Russian intelligence services. 

Microsoft announced the takedown of Trickbot infrastructure in October 2020, but CISA and the FBI warned a few months later that the malware had still been distributed in attacks. 

Earlier this year, the US announced sanctions against 22 individuals and 83 entities that allegedly helped Russia’s war against Ukraine, including its cyber operations.  

Related: Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks

Related: US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware

Related: US Sanctions North Korean University for Training Hackers

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...