US, UK jointly sanction Russian Trickbot hackers

AFP , Thursday 9 Feb 2023

The United States and Britain announced sanctions Thursday on the Russian intelligence-linked Trickbot group known for hacking hospitals during the Covid-19 pandemic and stealing financial data.

Ukrainian soldiers stand near trenches in the frontline close to Bakhmut, Donetsk region
Ukrainian soldiers stand near trenches in the frontline close to Bakhmut, Donetsk region, Ukraine, Wednesday, Feb. 8, 2023. AP


The US Treasury said the Trickbot group started operating out of Moscow in 2014 with cyberattacks on businesses and criminals using a so-called Trojan horse virus of the same name.

The Trickbot virus has since infected millions of computers worldwide and has evolved into a ransomware tool used to extort businesses by locking down their data until they pay to have it freed, according to a US Treasury statement.

During the Covid pandemic, "members of the Trickbot group publicly gloated over the ease of targeting the medical facilities and the speed with which the ransoms were paid to the group," the Treasury said.

The sanctions announcement named seven members of the group, some of whom "are associated with Russian Intelligence Services," it said.

In a parallel action, the US federal court in New Jersey unsealed an 11-year-old indictment of a leader of the group, Vitaly Kovalev.

The indictment, kept secret since 2012, charges Kovalev with working with Russians living in the United States to illegally access and steal tens of thousands of dollars from private accounts at several US banks and then transfer the money out of the country.

The sanctions applied in parallel by US and British authorities seek to freeze any assets those named have under US and British jurisdiction and bars the countries' citizens and entities from doing business with them.

In a statement, the British government called the sanctions "the first wave of new coordinated action against international cybercrime."

"The sanctions are the first of their kind for the UK and signal the continuing campaign targeting those responsible for some of the most sophisticated and damaging ransomware that has impacted the UK and our allies," said British National Crime Agency Director-General Graeme Biggar in a statement.

Short link: