Hospitals, schools and businesses are among the millions of Trickbot victims.
Photo: JACK GUEZ / AFP / Getty Images
Justice Department Charges 11 Russian Men in Connection with Hacking Group which is behind some of the world’s largest cyberattacks, including destructive attacks against major hospital chains.
At the same time, the US Treasury Department and the UK government made the rare public claim that the alleged cybercriminals have explicit ties to Russian intelligence.
According to the Department of Justice, three indictments have been unsealed in three different federal jurisdictions accusing multiple Russian cybercrime actors involved in the Trickbot malware and Conti ransomware schemes.
According to court documents and public reports, Trickbot, which was removed in 2022, was a set of malware tools designed to steal money and facilitate the installation of ransomware. Hospitals, schools and businesses are among the millions of Trickbot victims who suffered tens of millions of dollars in losses.
While active, The Trickbot malware, which acted as an initial intrusion vector into victims’ computer systems, was used to support several ransomware variants, including Conti.
Conti was a ransomware variant used to attack over 900 victims worldwide, including victims in approximately 47 states, the District of Columbia, Puerto Rico and approximately 31 foreign countries. According to the FBI, in 2021, Conti ransomware was used to attack more critical infrastructure victims than any other ransomware variant.
“The Department of Justice has taken action against individuals who allegedly developed and implemented a dangerous malware scheme used in cyberattacks on school districts, local governments, and American financial institutions,” said Attorney General Merrick B. Garland.
The announcement is the first public action a government has taken against Conti, who since 2020 has hacked and extorted major organizations, including Western governments, with apparent impunity.. Conti’s victims included the San Diego-area hospital chain Scripps Health and Ireland’s national health care system in 2021, and Costa Rica’s tax collection system last year, prompting the country to declare state of emergency.
The Treasury Department said Trickbot developers have “ties to Russian intelligence services”; This assertion has not been clarified by any Russian authority.
However, earlier this year, US intelligence discovered that a group of Russian hackers who had gained access to a Canadian gas infrastructure company were taking orders from handlers in Russia’s FSB.
We recommend you
