US, Britain Sanction 11 Linked to Russian Cybercrime Group

The United States and Britain on Thursday sanctioned 11 people who were part of the Russia-based Trickbot cybercrime hacking group, accusing it of targeting critical government infrastructure and businesses, along with hospitals, during the coronavirus pandemic.

A U.S. Treasury statement said the blacklisted targets included “key actors involved in management and procurement” for Trickbot, which it said had ties to Russian intelligence services although it was taken down in 2022.

Treasury undersecretary Brian Nelson said in a statement, “The United States is resolute in our efforts to combat ransomware and respond to disruptions of our critical infrastructure.”

Ransomware refers to the type of malicious software hackers use to lock computers and then extort payments from their users to unblock them.

British Foreign Secretary James Cleverly said the sanctions are an attempt to disrupt Trickbot’s business model and strip officials of their anonymity.

“We know who they are and what they are doing,” he said in a statement.

British officials said the Trickbot group had extorted at least $180 million from people around the world to restore their computer services.

In conjunction with the sanctions, which block any assets the Trickbot officials have in the United States and Britain, the U.S. Justice Department unsealed indictments against nine individuals in the gang.

The Justice Department said that worldwide, more than 900 victims had been affected in about 31 countries and throughout most of the U.S.

Attorney General Merrick Garland said the malware attacks in the U.S. had affected local school districts and governments, as well as financial institutions.

The U.S. said that in one instance, the Trickbot group used ransomware against three medical facilities in the midwestern state of Minnesota, “disrupting their computer networks and telephones, and causing a diversion of ambulances.”

The U.S. said Trickbot workers “publicly gloated over the ease of targeting the medical facilities and the speed in which ransoms had been paid to the group.”

Source: Voa News

CybercrimeRussiaThe United StatesTrickbot groupUnited Kingdom