top of page

US and UK impose sanctions on the Russian Trickbot malware hacking group

Officials revealed on Friday that the United States and Britain had sanctioned seven key members of the notorious Russian hacker group Trickbot.

Trickbot's malicious software was formerly regarded as one of the internet's most severe security threats, with the ability to steal financial data, proliferate across networks, and drop ransomware.

It was attributed to a particularly ruthless group. In its notice explaining the action, the U.S. Treasury stated that "during the height of the COVID-19 pandemic in 2020, Trickbot targeted hospitals and healthcare centers, launching a wave of ransomware attacks against hospitals across the United States."

In a statement, U.S. Secretary of State Antony Blinken stated that the United States and the United Kingdom were "committed to using all available authorities to defend against cyber threats.” British officials hailed the first-of-its-kind deployment of sanctions against cybercriminals and said it was just the “first wave” in “new coordinated action" against such organizations.

Director-General of Britain's National Crime Agency Graeme Biggar said in a statement, "This is a hugely significant moment for the UK and our collaborative efforts with the U.S. to disrupt international cyber criminals."

According to Allan Liska, a threat intelligence analyst at Recorded Future, despite the fact that Trickbot's malicious software has not been deployed in a few years, the folks behind it are still active and appear to be working together.

At one time, Trickbot's operations appear to have been taken over by another ransomware group, Conti, according to cybersecurity specialists. U.S. and British authorities have accused both Trickbot and Conti of having ties to the Russian intelligence services.

The Russian embassies in Washington and London did not respond to a request for comment immediately. Reuters was unable to immediately find contact information for the accused hackers.

Given that Russia is already extensively sanctioned and cybercriminals headquartered there tend to avoid the United States and Britain, sanctions tend to be primarily symbolic.

However, Liksa stated that the change made it more difficult for hackers to launder their money.

According to him, U.S. officials have been urging other nations to implement sanctions against cybercriminals.

"The fact that we’ve got the UK doing this with us is a sign that other countries are seeing this as a viable option for punishing the bad guys," he said.



bottom of page