On Thursday, the United States and the United Kingdom issued joint sanctions against seven members of the infamous Russian cybercrime group Trickbot. It is important to note that the U.S. has previously made moves against Russian cyber criminals; the Trickbot sanctions are the first of their kind for the U.K.
As per a press release by the British government on Thursday, the authorities count the Trickbot sanctions as a part of “the first wave of a new coordinated action against international cybercrime.” Trickbot is an infamous Russian cybercrime gang closely tied to Russian intelligence services.
The U.S. Treasury Department says that the Trickbot has been coordinating its attacks to align with “Russian state objectives,” including carrying out attacks on the U.S. government. It also revealed that during the COVID-19 pandemic, Trickbot targeted hospitals and other medical facilities with ransomware attacks.
Sources reveal that the group’s attacks have been lucrative. Data from Chainalysis, an on-chain analytics firm, Trickbot, has collected $724 million in crypto, making it the second-largest cybercrime gang by profit. The largest cybercrime group by profit remains North Korea’s Lazarus Group.
Notably, the Trickbot cybercriminal group members that have been sanctioned vary from senior leadership to low-level administrators. However, all of them have been added to the Treasury Department’s Office of Foreign Assets Control (OFAC) list of Specially Designated Nationals and Blocked Persons (SDN).
The sanctioned members will also have certain assets frozen and travel bans imposed. Vitaly Kovalev, also known as “Bentley” or “Ben,” is thought to be a senior leader in the Trickbot group with a history of cybercrime that predates his involvement in the gang.
Other members sanctioned include Maksim Mikhailov, a developer known as “Baget;” Valentin Karyagin, a developer known as “Globus;” Mikhail Iskritskiy, an alleged money launderer for the group known as “Tropa;” Dmitry Pleshevskiy, a coder known as “Iseldor;” Ivan Vakhromeyev, a manger known as “Mushroom;” and Valery Sedleski, an administer known as “Strix.”
Earlier this week, Todayq News reported that The UN said North Korea stole $630 million of crypto last year. It said that 2022 was undoubtedly a record-breaking year for North Korean cryptocurrency theft. The UN also highlighted that North Korea targeted foreign aerospace and defense companies and their networks to steal information. Using ransomware, North Korea could extort payments from their possession of that information.