2 min read

Alleged Russian malware developer arrested after being stranded in South Korea due to COVID-19 pandemic

Graham CLULEY

September 08, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Alleged Russian malware developer arrested after being stranded in South Korea due to COVID-19 pandemic

The global pandemic has caused heartbreak and hardship for millions of people around the world, but for one alleged member of the notorious TrickBot malware gang it may also have resulted in their arrest.

As Catalin Cimpanu at The Record reports, a man was arrested last week by South Korean law enforcement agents at Seoul's international airport as he attempted to board a flight back to his native Russia.

The man, who has only been named as "Mr A" in local mediaa reports, had entered South Korea in February last year, and was initially unable to return to Russia due to restrictions placed on international travel at the onset of the worldwide Coronavirus outbreak.

By the time travel restrictions had been lifted, Mr A's passport had expired - requiring him to remain in an apartment in Seoul as he awaited a replacement.

All of which was terrible timing for the stranded traveller, as US law enforcement agents had begun an investigation into the sophisticated TrickBot malware, which has most notoriously been used to distribute ransomware in recent years.

And Mr A is alleged to have worked as a developer on TrickBot's web browsing module for the cybercrime gang in 2016 while he lived in Russia.

If the US authorities had identified Mr A as a suspect while he was resident in Russia, their chances of getting their hands on him would have been pretty slim.  But as he was apprehended while attempting to leave South Korea, he is now facing possible extradition to the United States.

Mr A's legal team  is arguing that their client "will be subjected to excessive punishment" if he is extradited to the United States.

Earlier this year, the US Department of Justice announced that it had arrested a Latvian woman in Miami, after flying from her home in the South American country of Suriname.

Alla "Max" Witte, a 55-year-old mother-of-two, was - like Mr A - accused of developing code for the TrickBot malware gang.  Security researchers have claimed that Witte left an embarrassing number of clues online linking her to the TrickBot cybercrime gang.

If convicted, Witte could face years in prison for computer fraud, aggravated identity theft, bank fraud, and other charges.

I hate to give advice to those who work for cybercrime gangs, but maybe - if they care about their liberty - they should think long and hard before making any international travel plans.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info
Alina BÎZGĂ

December 02, 2022

2 min read
Hackers Breach New Zealand Health Insurer Accuro Hackers Breach New Zealand Health Insurer Accuro
Filip TRUȚĂ

December 02, 2022

2 min read
Flaw allowed man to access private information of other Brinks Home Security customers Flaw allowed man to access private information of other Brinks Home Security customers
Graham CLULEY

November 30, 2022

2 min read