Trickbot Hacking Group Jointly Sanctioned By the US and Britain

The Trickbot botnet was dismantled in 2019, but its use by ransomware gangs evolved over the years.

The US and Britain have sanctioned seven members of the notorious Trickbot gang, which, according to authorities, is based in Russia.

The Trickbot ransomware bot was dismantled by cybersecurity companies in 2022, but somehow it managed to re-emerge. Now, the United States and the United Kingdom have come together for historic joint cyber sanctions against seven members of the notorious Russian hacking group known as Trickbot, officials announced on Friday.

These sanctions are the first for the UK, with officials stating that they were just the first wave of new, coordinated action against cyber criminals.

Malicious emails used in one of the Trickbot attacks

“The United States is taking action today in partnership with the United Kingdom because international cooperation is key to addressing Russian cybercrime,” U.S. Secretary of State Antony Blinken said in a statement on February 9th, 2023.

It is worth noting that, despite Trickbot’s absence in the past couple of years, the individuals behind it remain active and coordinate other attacks. According to experts, Trickbot’s operations were taken over by another ransomware gang known as Conti. The group was first identified in the latter half of December 2019 using TrickBot to drop its payload.

U.S. and British authorities have accused Trickbot and Conti of being associated with Russian intelligence services. Not only that, but the leak of Conti gang chats also revealed its sympathy for Russia. Additionally, Conti declared its support for Russia soon after the country sent its troops to Ukraine on February 28th, 2022.

“During the height of the COVID-19 pandemic in 2020, Trickbot targeted hospitals and healthcare centres, launching a wave of ransomware attacks against hospitals across the United States,” read the announcement by the U.S. Department of the Treasury. 

Along with describing other major ransomware attacks orchestrated by the Trickbot gang, the press release gives details about the seven individuals designated by the U.S., including their names, online monikers, and involvement with the gang.
