The arrested Russian programmer claims that he did not know that he worked for the infamous gang TrickBot

A Russian programmer who was allegedly a member of the infamous TrickBot gang was arrested in South Korea when he tried to leave the country.

The TrickBot Group is responsible for a variety of sophisticated malware for Windows and Linux devices, which allows network access, data theft, and the installation of other malware, such as ransomwarea.

The detainee was allegedly “stuck” in South Korea due to restrictions imposed due to the pandemic, and in the meantime his passport expired during his stay in that country. He waited more than a year for his passport to be issued, and when he tried to leave South Korea, he was arrested at the airport due to a U.S. extradition request.

The arrested Russian allegedly worked as a programmer for the group TrickBot in 2016 while living in Russia.

However, he claims that he did not know that he worked for cyber criminals because he was hired through an employment site.

His lawyers are currently fighting against extradition to the United States, claiming that in the United States their client will find it difficult to exercise his right to defense and that there is a high possibility that he will be “excessively punished”.

The TrickBot gang is responsible for the emergence of a number of malware, including TrickBot, BazaLoader, BazaBackdoor, PowerTrick and Anchor. They are all used to access corporate networks, steal files and passwords, and finally, to install ransomware online.

The Ryuk and Conti ransomware are also believed to be managed by the TrickBot gang.

American cyber team in cooperation with Microsoft and numerous other companies they tried to demolish the gang’s infrastructure in October 2020. Although it disrupted the group’s business, it quickly rebuilt its infrastructure and continued to attack companies around the world.

Recently, the US Department of Justice filed an indictment against a Latvian named Ala Vit, who is accused of helping to develop the platform for the new ransomware Diavol.

Prosecutors released diaries of conversations between members of the TrickBot gang who revealed how they hired developers for various tasks. Although some developers understood that the job included something that was illegal, conversations showed that some developers may not have been aware that they were working for cybercriminals.

Source: by

*The article has been translated based on the content of by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!