4 December 2023

TrickBot developer pleads guilty, faces up to 35 years in prison


A Russian national has pleaded guilty to his involvement in developing and deploying the Trickbot malware.

“Vladimir Dunaev, 40, of Amur Blast, provided specialized services and technical abilities in furtherance of the Trickbot scheme,” the US Department of Justice said in a press release.

Disrupted in 2022, Trickbot was a modular banking trojan that over time evolved into a dangerous malware dropper used to deliver additional malware, including ransomware, on infected devices. The Trickbot Group primarily targeted victim computers belonging to businesses, entities, and individuals. Targets included hospitals, schools, public utilities, and governments.

Dunaev developed browser modifications and malicious tools used for credential harvesting and data theft from infected computers, facilitated and enhanced the remote access used by Trickbot actors, and created program code that allowed the Trickbot malware to stay undetected by anti-virus software.

During Dunaev’s participation in the scheme, 10 victims were defrauded of more than $3.4 million via ransomware deployed by Trickbot.

In 2021, Dunaev was extradited from the Republic of Korea to the United States.

Dunaev pleaded guilty to conspiracy to commit computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud. He is scheduled to be sentenced on March 20, 2024, and faces a maximum penalty of 35 years in prison.

In 2021, US authorities charged another TrickBot developer, Alla Witte (aka Max), for her role in the TrickBot operation. In June 2023, she was sentenced to two years and eight months in prison.

In September of this year, the US and UK governments named and sanctioned 11 Russians said to be connected to the notorious TrickBot cybercrime crew. Sanctioned individuals include Trickbot actors involved in management and procurement, namely administrators, managers, developers and coders who have materially assisted the TrickBot group in its operations. In total, the joint US and UK operations sanctioned 18 TrickBot members.
