The US and Britain have sanctioned seven members of the notorious Trickbot gang, which, according to authorities, is based in Russia.
The Trickbot ransomware bot was dismantled by cybersecurity companies in 2022, but somehow it managed to re-emerge. Now, the United States and the United Kingdom have come together for historic joint cyber sanctions against seven members of the notorious Russian hacking group known as Trickbot, officials announced on Friday.
These sanctions are the first for the UK, with officials stating that it was just the first wave of new, coordinated action against cyber criminals.
“The United States is taking action today in partnership with the United Kingdom because international cooperation is key to addressing Russian cybercrime,” U.S. Secretary of State Antony Blinken said in a statement on February 9th, 2023.
It is worth noting that, despite Trickbot’s absence in the past couple of years, the individuals behind it remain active and coordinate other attacks. According to experts, Trickbot’s operations were taken over by another ransomware gang known as Conti. The group was first identified in the latter half of December 2019 using TrickBot to drop its payload.
U.S. and British authorities have accused Trickbot and Conti of being associated with Russian intelligence services. Not only that, but the leak of Conti gang chats also revealed its soft corner for Russia. Additionally, Conti declared its support for Russia soon after the country sent its troops to Ukraine on February 28th,2022.
“During the height of the COVID-19 pandemic in 2020, Trickbot targeted hospitals and healthcare centres, launching a wave of ransomware attacks against hospitals across the United States,” read the announcement by the U.S. Department of the Treasury.
Along with other major ransomware attacks orchestrated by the Trickbot gang, the press release gives details, including their names, involvement with the Trickbot gang, and online monikers, regarding the seven individuals designated by the U.S.