Russian national Vladimir Dunaev, alias FFX, has received a 64-month prison sentence in the U.S. for his involvement in developing the TrickBot malware.
Extradited from Russia in October 2021, Dunaev was arrested in Seoul in August 2021. Stranded there since February 2020 due to COVID-19 lockdowns, he faced further delays when his passport expired.
Dunaev, a TrickBot gang developer since 2016, pleaded guilty to computer fraud, identity theft, wire fraud, and bank fraud. His malicious tools facilitated ransomware attacks, resulting in over $3.4 million in losses for victims in Ohio. TrickBot, a potent Windows banking Trojan dating back to 2016, partnered with Ryuk ransomware initially, later replaced by the Conti Ransomware gang.
Dunaev’s browser modifications and tools aided credential harvesting, data mining, and enhanced remote access for TrickBot actors. The malware’s widespread impact led to financial sanctions against suspected members. The sentencing of Dunaev, as reported by the FBI Cleveland Field Office, underscores the collaborative effort against cybercrime and serves as a deterrent to malicious actors targeting individuals and businesses.