CYBER SECURITY ENTHUSIAST

The TrickBot member was arrested after attempting to leave the country.

TrickBot cybercrime group is the one responsible for a multitude of sophisticated malware targeting Windows and Linux devices in order to gain access to victims’ networks, steal data, and deploy other malware, such as ransomware.

The publication KBS was the first to report that a Russian man had remained stranded in South Korea due to COVID-19 restrictions and that his passport subsequently expired.

The individual waited for over a year for his passport to be renewed. When trying to leave yet again South Korea he was intercepted and arrested after an extradition request submitted by the USA.

As The Record reported previously, the individual identified as Mister “A” has been taken into custody when trying to leave South Korea for his home country Russia. This happened after he has been stuck in the Asian country for more than 18 months; the official US investigation started when Mr. A was waiting for the release of his replacement passport.

Sources say the person in question worked as a web developer for the Trickbot operation back in 2016 while living in Russia.

The Russian man claims he did not know that he worked for a cybercrime gang after getting hired from an employment site.

When developing the software, the operation manual did not fall under malicious software.

Source

The Russian individual’s attorney is currently fighting the USA extradition attempt, claiming that the USA will prosecute the individual unfairly.

If you send him to the United States, it will be very difficult to exercise your right of defense and there is a high possibility that you will be subjected to excessive punishment.

Source

Some Background on TrickBot

TrickBot is responsible for numerous malware like BazaLoader, BazaBackdoor, PowerTrick, and Anchor, malicious tools used to gain access to corporate networks, steal files and network credentials, and ultimately deploy ransomware on the network.

Ryuk and Conti are believed to be operated by the TrickBot gang and are known to be deployed through their malware.

Even if we’ve seen some disruption in the gang’s activities, the group quickly rebuilt its infrastructure and continued to launch new malware campaigns that are targeting organizations worldwide.

Conti Ransomware Is Now Using ProxyShell Exploits to Compromise Exchange Servers

A 55-year Old Latvian Woman Accused of Deploying Trickbot Malware

Heimdal™ Security in 2021: Outlying the Continued Growth Strategy and Market Predictions

A Closer Look at Ransomware Attacks: Why They Still Work

Emotet and Trickbot Banking Trojans Acquire Internet Worm Capabilities

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP