The United States and Great Britain imposed sanctions against members of the Russian cybercriminal group "Trickbot".
This was reported by the Office of Foreign Assets Control (OFAC) of the US Treasury Department.
Trickbot has ties to Russian special services. The restrictions apply to people involved in the management and maintenance of the hacker group: administrators, managers, developers and coders. It is, in particular, about:
- Andriy Zhuykov — a senior administrator known as Dif and Defender.
- Maksim Galochkin — the head of testers, responsible for the development, supervision and introduction of viruses. Also known as Bentley, Crypt and Volhvb.
- Maksim Rudenskyi — the head of the team of "Trickbot" coders.
- Mikhail Tsarev — group manager who oversaw personnel and finances and was responsible for management and accounting. He is also known under the pseudonyms Mango, Aleksandr Grachov, Super Misha, Ivanov Mikhail, Misha Krutysha and Nikita Andriyovych Tsarev.
- Dmytro Putilin, who was associated with the purchase of the "Trickbot" infrastructure. Also known as Grad and Staff.
- Maksym Haliullin — HR manager. He was also linked to the purchase of "Trickbot" infrastructure, including virtual servers. Known in the network under the pseudonym Kagas.
- Serge Loguntsov — the developer of the "Trickbot" group.
- Vadim Valiahmetov, who worked as a coder in the "Trickbot" group and is known by the names Weldon, Mentos and Vas.
In 2016, security researchers identified the "Trickbot" Trojan, which infected millions of computers worldwide, including in the United States. "Trickbot" is derived from the "Dyre" trojan. "Dyre" was used to hack online banking in mid-2014, this virus was controlled by Russians.
During the 2020 COVID-19 pandemic, the "Trickbot" group launched ransomware at hospitals and medical centers in the United States.