The US and UK governments on Thursday sanctioned six Russians and one Ukrainian for their alleged involvement in an infamous Russia-based cybercrime network that infected millions of computers worldwide, including those in American hospitals.
The sanctions target seven alleged core members of a cybercrime gang known as Trickbot, whose eponymous hacking tool has for years stalked US critical infrastructure, the US Treasury Department said in a statement.
The malicious code has often been used to deploy ransomware – locking computers until hackers are paid off. The Pentagon grew concerned enough about the potential for Trickbot-enabled ransomware to disrupt voting that the US military hackers knocked some Trickbot infrastructure offline ahead of the 2020 election.
The seven sanctioned people — Vitaly Kovalev, Maksim Mikhailov, Valentin Karyagin , Mikhail Iskritskiy, Dmitry Pleshevskiy, Ivan Vakhromeyev and Valery Sedletski — are accused of developing hacking tools for the crime group or having other prominent roles such as laundering money.
Current members of the criminal group are “associated with Russian intelligence services,” the US Treasury said.
In one alleged Trickbot-backed hack at the height of the Covid-19 pandemic in 2020, ransomware was used against three Minnesota medical facilities, forcing ambulances to be diverted, according to the Treasury Department.
It’s the latest attempt by US and European authorities to crack down on cybercriminal groups that threatens public health. The FBI and European agencies last month took down hacking infrastructure used by another ransomware gang to target US hospitals, officials said.
Any faint hopes of substantive cooperation between Washington and Moscow on cybercrime dimmed with Russia’s full-scale invasion of Ukraine a year ago.
“Russia is a haven for…
Read the full article here
