A Latvian national has been charged by the US Department of Justice (DoJ) with being one of the perpetrators behind the notorious Trickbot malware.
Developer of Trickbot malware charged:
Alla Witte is a Latvian national who has been charged by the US Department of Justice after being arrested on the 6th of February, due to her alleged involvement in the Trickbot malware organization as a malware developer.
She reportedly played a key role in writing the code in the Trickbot malware that was responsible for controlling, deploying, and managing the payments of the ransomware.
She was also involved in developing the code used to monitor and track authorized malware users, and created the tools and protocols used to store login credentials and other data stolen from compromised networks.
The Ransomware and Digital Extortion Task Force of the US Department of Justice was responsible for handling the investigation of the case.
“Witte and her associates are accused of infecting tens of millions of computers worldwide in an effort to steal financial information to ultimately siphon off millions of dollars through compromised computer systems,” the FBI said.
Malicious Trickbot:
The Trickbot malware strain was initially discovered in 2016, when it was spotted as a modular banking trojan. Since then, it has been incessantly developed and upgraded to make it even more critical and dangerous.
Even though initially used only for harvesting sensitive data, Trickbot has slowly evolved into a highly dangerous malware dropper used to deliver additional, usually a lot more dangerous, malware payloads on infected devices.
Back in October 2020, Microsoft and numerous other parties announced that they had succeeded in tackling some of Trickbot's command-and-control (C2) servers.
However, despite these coordinated attacks against Trickbot’s infrastructure, the Trickbot gang’s botnet is still active, and the group is still releasing new malware builds.
This cyber gang is also reportedly responsible for deploying the Ryuk and Conti ransomware against significant corporate organizations, compromising millions around the globe in order to steal and hoard banking credentials and spread ransomware.