Russian hacker pleads guilty to Trickbot malware conspiracy

A 40-year-old Russian man faces a lengthy prison sentence in the United States after pleading guilty to his involvement in the distribution and development of the notorious Trickbot malware.

The US Department of Justice announced that Vladimir Dunaev, from Amur Oblast in the far east of Russia, was an integral member of the criminal Trickbot group, which became infamous for its sophisticated information-stealing Trojan that defrauded innocent internet users for years.

Data stolen by Trickbot included victims' online banking passwords, credit card details, dates of birth, social security numbers - information which allowed fraudsters to gain break into and steal funds from victims' bank accounts.  In more recent years, Trickbot has also been used to infect systems with ransomware.

Trickbot is estimated to have infected millions of PCs worldwide, impacting individuals, financial institutions, government departments, school districts, and utility firms.

Duanaev, who went by the hacker handle of "FFX", was extradited to the United States in 2021, after being arrested at an airport in South Korea after being stranded in the country due to the Covid-19 pandemic.

"Dunaev and his co-defendants hid behind their keyboards, first to create Trickbot, then using it to infect millions of computers worldwide – including those used by hospitals, schools, and businesses – invading privacy and causing untold disruption and financial damage," said Rebecca C Lutzko, US attorney for the Northern District of Ohio. "Today's guilty plea demonstrates our willingness to reach across the globe to bring cybercriminals to justice. We will continue to work closely with our partners, foreign and domestic, and use all resources at our disposal to stop similar behavior."

Dunaev is scheduled to be sentenced in March 2024, and faces a maximum of 35 years in prison.