The Russian national has been found guilty over his involvement in creating and dispersing the TrickBot virus, according to an announcement made by the U.S. Department of Justice (DoJ).
A month after his arrest in September 2021 in South Korea, 40-year-old Vladimir Dunaev was extradited to the United States.
“Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data mining from infected computers, facilitated and enhanced the remote access used by TrickBot actors, and created a program code to prevent the TrickBot malware from being detected by legitimate security software,” the Department of Justice stated.
“During Dunaev’s participation in the scheme, 10 victims in the Northern District of Ohio, including Avon schools and a North Canton real-estate company, were defrauded of more than $3.4 million via ransomware deployed by TrickBot.”
Dunaev faces a potential sentence of 35 years in jail after entering a guilty plea to charges of computer fraud, identity theft, and conspiracy to commit wire fraud and bank fraud. March 20, 2024 is when his sentencing is set to take place.
In addition, Dunaev is the second TrickBot gang malware coder to be apprehended following Latvian national Alla Witte, who was given a two-year and eight-month prison sentence in June 2023.
This development occurred over three months after 11 people accused of being members of the TrickBot cybercrime gang were sanctioned by the US and UK governments.
TrickBot began life as a banking trojan in 2016 and has since developed into a multifunctional program that may facilitate initial ransomware assault access and deliver more payloads to compromised systems.
Following their successful deconstruction of the botnet by law enforcement, the notorious Conti ransomware group took command of the enterprise. But when Conti swore loyalty to Russia after Russia invaded Ukraine last year, both TrickBot and Conti took a serious hit.
This resulted in a string of leaks known as TrickLeaks and ContiLeaks, which revealed important details about their internal communications and infrastructure. Eventually, Conti was shut down and split up into many separate groups.
