US indicts 9 Russians behind Trickbot malware
- The cybercrime group used ransomware to attack hundreds of targets internationally, particularly hospitals amid the Covid-19 pandemic
- The operation reaped at least US$180 million worldwide, according to Britain’s National Crime Agency
The United States announced indictments on Thursday of nine Russians allegedly part of the Trickbot cybercrime group which plied ransomware schemes to extort businesses including hospitals during the Covid-19 pandemic.
The nine, some of whom were alleged to have links to Russian intelligence services, were named in a series of indictments in Ohio, Tennessee and California, where a number of their extortion targets were located.
In parallel, the US Treasury and the State Department, along with British authorities, placed the nine alleged hackers and two others on their sanctions blacklists.
The indictments said the Trickbot group deployed malware and an associated ransomware program called Conti to attack hundreds of targets across nearly all of the United States and in more than 30 other countries since 2016.
The malware was also used to steal bank account logins and passwords from victims’ computers to drain money from the accounts.
According to Britain’s National Crime Agency, the operation reaped at least US$180 million worldwide, including £27 million (US$33.7 million) from British targets.
