Alleged Trickbot malware gang member extradited to United States, and appears in court

A 38-year-old Russian national has appeared in a US federal court, after being extradited from South Korea, to face charges of his alleged involvement in the notorious Trickbot malware gang.

The US Department of Justice believes that Vladimir Dunaev (also known as "FFX") was a malware developer for the Trickbot group, which became infamous for its data-stealing Trojan horse that helped cybercriminals defraud innocent internet users since 2015.

According to a highly-redacted indictment, the Trickbot malware was born out of the ashes of similar banking Trojan horse named Dyre:

In or around November 2015, Russian authorities purportedly arrested numerous individuals at 25th Floor, a Moscow-based film company associated with Dyre. Although Dyre activity slowed significantly after the purported Russian action, no charges against members of the Dyre network or 25th Floor were made public. In the months and years following the Russian authorities' purported actions, the Dyre actors regrouped and created a new suite of malware tools known as ''Trickbot."

Duanev aand others are alleged to have been part of the gang which used Trickbot to steal money, personal, and confidential information from victims including businesses and financial institutions in the United States, United Kingdom, Australia, Belgium, Canada, Germany, India, Italy, Mexico, Spain, and Russia.

Information stolen by Trickbot included victims' online banking passwords, credit card details, dates of birth, social security numbers.  Unauthorised access would be made to victims' bank accounts and funds stolen.

In more recent years, Trickbot has also been used to infect victims' PCs with ransomware.

Millions of computers worldwide are thought to have been infected by Trickbot, affecting individuals, banking organisations, school districts, utility firms, private businesses, and government departments.

Duanev (then only identified in media reports as "Mr A") was arrested at Incheon International Airport, in Seoul, South Korea, in early September - having apparently been stranded in the country due to travel restrictions introduced by the Coronavirus pandemic and unable to return to his native Russia.

Earlier this year, the US Department of Justice announced that it had arrested a Latvian mother-of-two in Miami, after flying from her home in the South American country of Suriname.

55-year-old Alla "Max" Witte, was - similarly to Duanev - accused of developing code for the TrickBot malware gang.

In short, the US Department of Justice has captured two suspected members of the Trickbot gang.  And reading between the lines of their indictment against Duanev, it sounds as if they know the identities of others, and may be close to learning more about others or even apprehending others before too long.

If convicted of all counts against him, Dunaev could face up to 60 years in prison.