The US Department of Justice has indicted a Latvian citizen for her alleged role in the creation and deployment of Trickbot, a computer banking Trojan that has evolved into popular malware with cybercriminals.
The accused, Alla Witte, was arrested in Miami four months ago.
According to the charges, Witte worked in the criminal organization, dubbed the Trickbot Group, which deployed the Trickbot malware. As part of this, she reportedly wrote code related to malware control, deployment, and ransom payments for the organization.
Trickbot malware offers cybercriminals a way to spread malware onto machines, initially compromised to steal personal and financial information, including login credentials, credit card numbers, emails, passwords , dates of birth, social security numbers and addresses.
Once the information was obtained, the attackers used the information to access online bank accounts, perform unauthorized electronic fund transfers, and launder money through U.S. and foreign recipient accounts, according to the U.S. Department of Justice.
According to the indictment, Witte and others stole money and confidential information from victims using the Trickbot malware, including companies and financial institutions, across Australia, Belgium, Canada. , Germany, India, Italy, Mexico, Spain, Russia, the United States and the United Kingdom.
Originally emerged as a banking Trojan in 2014, Trickbot is increasingly used by cybercriminals to spread other malware, especially following the dismantling of the Emotet botnet.
Emotet was the most prolific and dangerous malicious botnet in the world before it was dismantled by an international operation by authorities in January.
Along with accusations that Witte helped write code for the Trickbot malware, the Justice Department is also implicating Witte for his role in ransoming victims. Witte and his co-conspirators allegedly coerced victims into purchasing special software through a bitcoin address controlled by the Trickbot group in order to decrypt the compromised files.
Witte also reportedly provided code to the Trickbot group intended to monitor authorized users of the malware and developed tools and protocols to store stolen login credentials.
In total, Witte was charged with 19 counts out of 47 counts. If found guilty, she faces up to 87 years in prison.
Information on the other people indicted in the indictment is currently confidential.
“These accusations serve as a warning to potential cybercriminals. The Department of Justice, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use whatever tools at our disposal to disrupt the cybercriminal ecosystem, ”said Deputy Attorney General Lisa Monaco.