Office of Public Affairs Russian National Pleads Guilty to Trickbot Malware Conspiracy United States Department of Justice
pAn official website of the United States governmentppHeres how you knowpp
Official websites use gov
A gov website belongs to an official government organization in the United States
pp
Secure gov websites use HTTPS
A lock
Lock
A locked padlock
or https means youve safely connected to the gov website Share sensitive information only on official secure websites
ppArchived NewsppPara Notícias en EspañolppA Russian national pleaded guilty today to his role in developing and deploying the malicious software known as Trickbot which was used to launch cyberattacks against American hospitals and other businessesppAccording to court documents and public reporting Vladimir Dunaev 40 of Amur Blast provided specialized services and technical abilities in furtherance of the Trickbot scheme Trickbot which was taken down in 2022 was a suite of malware tools designed to steal money and facilitate the installation of ransomware Hospitals schools and businesses were among the millions of Trickbot victims who suffered tens of millions of dollars in losses While active Trickbot malware which acted as an initial intrusion vector into victim computer systems was used to support various ransomware variantsppDunaevs guilty plea and our collaboration with South Korea that made his extradition possible are a prime example of what we can accomplish together with our foreign partners said Acting Assistant Attorney General Nicole M Argentieri of the Justice Departments Criminal Division Cybercriminals should know that countries around the world stand ready to bring them to justice and hold them accountable for their crimesppDunaev developed browser modifications and malicious tools that aided in credential harvesting and datamining from infected computers facilitated and enhanced the remote access used by Trickbot actors and created a program code to prevent the Trickbot malware from being detected by legitimate security software During Dunaevs participation in the scheme 10 victims in the Northern District of Ohio including Avon schools and a North Canton realestate company were defrauded of more than 34 million via ransomware deployed by TrickbotppAs set forth in the plea agreement Vladimir Dunaev misused his special skills as a computer programmer to develop the Trickbot suite of malware said US Attorney Rebecca C Lutzko for the Northern District of Ohio Dunaev and his codefendants hid behind their keyboards first to create Trickbot then using it to infect millions of computers worldwide including those used by hospitals schools and businesses invading privacy and causing untold disruption and financial damage The Justice Department and our office have prioritized investigating and prosecuting cybercrime and todays guilty plea demonstrates our willingness to reach across the globe to bring cybercriminals to justice We will continue to work closely with our partners foreign and domestic and use all resources at our disposal to stop similar behaviorppCombating bad actors in cyberspace is a team sport and we are proud of the collaboration and coordination at the international level that went into todays plea said Assistant Director Bryan Vorndran of the FBIs Cyber Division The FBI will pursue criminals who target the American people with malware no matter where they resideppAs the world of technology is everchanging cybercrime continues to evolve This case underscores the FBIs relentless pursuit of cyber criminals and highlights our expertise to find and dismantle criminal networks said Special Agent in Charge Gregory Nelsen of the FBI Cleveland Field Office We appreciate the coordinated work among our public and private sector global colleagues together with our federal state and local law enforcement partners to further protect the public from destructive malwareppIn 2021 Dunaev was extradited from the Republic of Korea to the Northern District of OhioppDunaev pleaded guilty to conspiracy to commit computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud He is scheduled to be sentenced on March 20 2024 and faces a maximum penalty of 35 years in prison on both counts A federal district court judge will determine any sentence after considering the US Sentencing Guidelines and other statutory factorsppThe original indictment returned in the Northern District of Ohio charged Dunaev and eight other defendants for their alleged roles in developing deploying managing and profiting from TrickbotppIn June one of Dunaevs coconspirators Alla Witte who was a Trickbot malware developer and Latvian national pleaded guilty to conspiracy to commit computer fraud and was sentenced to two years and eight months in prisonppIn February and September the Treasury Departments Office of Foreign Assets Control OFAC issued financial sanctions against multiple suspected Trickbot membersppThe FBI Cleveland Field Office is investigating the caseppTrial Attorney Candy Heath of the Criminal Divisions Computer Crime and Intellectual Property Section and Assistant US Attorneys Duncan Brown and Daniel Riedl for the Northern District of Ohio are prosecuting the case The Justice Departments Office of International Affairs and National Security Division as well as the Treasury Departments OFAC provided significant assistanceppThe Justice Departments Office of International Affairs worked with the International Criminal Affairs Division of the South Korean Ministry of Justice to secure the arrest and extradition of DunaevppA superseding indictment was unsealed yesterday charging an Australian national and a California man with operating a cryptocurrency Ponzi scheme that defrauded victims of more than 25 millionppToday the Department of Justice published guidelines outlining the process that companies subject to the reporting requirements in Section 13 or 15d of the Securities Exchange Act of 1934 orppA federal grand jury in San Francisco returned an indictment on Tuesday charging two individuals with a campaign to hack into computer networks in the United States the United KingdomppOffice of Public Affairs
US Department of Justice
950 Pennsylvania Avenue NW
Washington DC 20530ppOffice of Public Affairs Direct Line
2025142007ppDepartment of Justice Main Switchboard
2025142000ppSignup for Email Updates
Social MediappppHave a question about Government Servicesp
Official websites use gov
A gov website belongs to an official government organization in the United States
pp
Secure gov websites use HTTPS
A lock
Lock
A locked padlock
or https means youve safely connected to the gov website Share sensitive information only on official secure websites
ppArchived NewsppPara Notícias en EspañolppA Russian national pleaded guilty today to his role in developing and deploying the malicious software known as Trickbot which was used to launch cyberattacks against American hospitals and other businessesppAccording to court documents and public reporting Vladimir Dunaev 40 of Amur Blast provided specialized services and technical abilities in furtherance of the Trickbot scheme Trickbot which was taken down in 2022 was a suite of malware tools designed to steal money and facilitate the installation of ransomware Hospitals schools and businesses were among the millions of Trickbot victims who suffered tens of millions of dollars in losses While active Trickbot malware which acted as an initial intrusion vector into victim computer systems was used to support various ransomware variantsppDunaevs guilty plea and our collaboration with South Korea that made his extradition possible are a prime example of what we can accomplish together with our foreign partners said Acting Assistant Attorney General Nicole M Argentieri of the Justice Departments Criminal Division Cybercriminals should know that countries around the world stand ready to bring them to justice and hold them accountable for their crimesppDunaev developed browser modifications and malicious tools that aided in credential harvesting and datamining from infected computers facilitated and enhanced the remote access used by Trickbot actors and created a program code to prevent the Trickbot malware from being detected by legitimate security software During Dunaevs participation in the scheme 10 victims in the Northern District of Ohio including Avon schools and a North Canton realestate company were defrauded of more than 34 million via ransomware deployed by TrickbotppAs set forth in the plea agreement Vladimir Dunaev misused his special skills as a computer programmer to develop the Trickbot suite of malware said US Attorney Rebecca C Lutzko for the Northern District of Ohio Dunaev and his codefendants hid behind their keyboards first to create Trickbot then using it to infect millions of computers worldwide including those used by hospitals schools and businesses invading privacy and causing untold disruption and financial damage The Justice Department and our office have prioritized investigating and prosecuting cybercrime and todays guilty plea demonstrates our willingness to reach across the globe to bring cybercriminals to justice We will continue to work closely with our partners foreign and domestic and use all resources at our disposal to stop similar behaviorppCombating bad actors in cyberspace is a team sport and we are proud of the collaboration and coordination at the international level that went into todays plea said Assistant Director Bryan Vorndran of the FBIs Cyber Division The FBI will pursue criminals who target the American people with malware no matter where they resideppAs the world of technology is everchanging cybercrime continues to evolve This case underscores the FBIs relentless pursuit of cyber criminals and highlights our expertise to find and dismantle criminal networks said Special Agent in Charge Gregory Nelsen of the FBI Cleveland Field Office We appreciate the coordinated work among our public and private sector global colleagues together with our federal state and local law enforcement partners to further protect the public from destructive malwareppIn 2021 Dunaev was extradited from the Republic of Korea to the Northern District of OhioppDunaev pleaded guilty to conspiracy to commit computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud He is scheduled to be sentenced on March 20 2024 and faces a maximum penalty of 35 years in prison on both counts A federal district court judge will determine any sentence after considering the US Sentencing Guidelines and other statutory factorsppThe original indictment returned in the Northern District of Ohio charged Dunaev and eight other defendants for their alleged roles in developing deploying managing and profiting from TrickbotppIn June one of Dunaevs coconspirators Alla Witte who was a Trickbot malware developer and Latvian national pleaded guilty to conspiracy to commit computer fraud and was sentenced to two years and eight months in prisonppIn February and September the Treasury Departments Office of Foreign Assets Control OFAC issued financial sanctions against multiple suspected Trickbot membersppThe FBI Cleveland Field Office is investigating the caseppTrial Attorney Candy Heath of the Criminal Divisions Computer Crime and Intellectual Property Section and Assistant US Attorneys Duncan Brown and Daniel Riedl for the Northern District of Ohio are prosecuting the case The Justice Departments Office of International Affairs and National Security Division as well as the Treasury Departments OFAC provided significant assistanceppThe Justice Departments Office of International Affairs worked with the International Criminal Affairs Division of the South Korean Ministry of Justice to secure the arrest and extradition of DunaevppA superseding indictment was unsealed yesterday charging an Australian national and a California man with operating a cryptocurrency Ponzi scheme that defrauded victims of more than 25 millionppToday the Department of Justice published guidelines outlining the process that companies subject to the reporting requirements in Section 13 or 15d of the Securities Exchange Act of 1934 orppA federal grand jury in San Francisco returned an indictment on Tuesday charging two individuals with a campaign to hack into computer networks in the United States the United KingdomppOffice of Public Affairs
US Department of Justice
950 Pennsylvania Avenue NW
Washington DC 20530ppOffice of Public Affairs Direct Line
2025142007ppDepartment of Justice Main Switchboard
2025142000ppSignup for Email Updates
Social MediappppHave a question about Government Servicesp