US and UK Clamp Down on Trickbot Ransomware Group Behind $833M in Extortions
In a joint effort to curb cybercrime, the U.S. Office of Foreign Assets Control (OFAC) and the U.K. HM Treasury Office of Financial Sanctions Implementation (OFSI) have sanctioned eleven additional members of the Russia-based ransomware group, Trickbot. This move comes after the two nations had previously sanctioned seven members of the same group earlier this year, according to Chainalysis.
Among those sanctioned are prominent figures like Maksim Galochkin, known by the alias “Bentley,” Maksim Rudenskiy, also referred to as “Buza,” “Silver,” or “Binman,” and Mikhail Tsarev, or “Mango.”
Ransomware attacks have been on the rise, with Chainalysis data indicating that from January to June this year, cybercriminals extorted at least $449.1 million. Trickbot, in particular, has been linked to ransomware strains such as Ryuk, Conti, Diavol, and Karakurt, which collectively account for cryptocurrency extortions worth approximately $833 million.
Rob Jones, Director General of Operations at the National Crime Agency, commented on the sanctions, stating, “These sanctions are a continuation of our campaign against international cyber criminals.”
He emphasized the challenges and opportunities cryptocurrencies present in the fight against cybercrime.
First identified in 2016, Trickbot Group has emerged as one of the top crypto-earning cybercrime organizations, second only to North Korea’s Lazarus Group. As reported by Blockchain.News, the FBI recently detected blockchain activity linked to the theft of significant cryptocurrency by North Korea's TraderTraitor group, Lazarus Group, and APT38, and the agency suspects North Korea may liquidate the more than $40 million in bitcoin.
The group's ties to Russian intelligence services and collaboration with other cybercrime entities have been well-documented. Their ransomware strains have compromised millions of devices globally, including critical infrastructure like hospitals.
The individuals sanctioned by OFSI and OFAC include Andrey Zhuykov, Maksim Galochkin, Maksim Rudenskiy, Mikhail Tsarev, Dmitry Putilin, Maksim Khaliullin, Sergey Loguntsov, Alexander Mozhaev, Vadym Valiakhmetov, Artem Kurov, and Mikhail Chernov.
Chainalysis has played a pivotal role in identifying cryptocurrency wallets linked to these sanctioned individuals, aiding in the broader effort to disrupt the operations of cybercrime groups like Trickbot.
The collaborative efforts between the U.S. and U.K. authorities underscore a global commitment to combat the challenges posed by cybercrime in an era increasingly dominated by blockchain technology.