DOJ unseals indictments against alleged Trickbot and Conti cybercriminals
The U.S. Justice Department unsealed indictments on Thursday against nine individuals associated with the Trickbot and Conti cybercriminal gangs, the latest in an ongoing campaign against digital crime organizations.
DOJ has “taken action against individuals we allege developed and deployed a dangerous malware scheme used in cyberattacks on American school districts, local governments, and financial institutions,” Attorney General Merrick Garland said in the statement.
“Separately, we have also taken action against individuals we allege are behind one of the most prolific ransomware variants used in cyberattacks across the United States, including attacks on local police departments and emergency medical services,” he added.
Earlier today, the U.S. and U.K. announced sanctions on members of the Russian hacking group and others connected to the Conti ransomware scheme, seven of which are designated in the indictments.
The U.S. previously extradited two people for their roles in the Trickbot organization.
The FBI’s investigation into the group remains “ongoing,” according to a senior bureau official.
The indictments are another example of a more aggressive U.S. law enforcement strategy to battling cybercrime, outmaneuvering hackers and disrupting their operations rather than simply arresting them.
Last month, the FBI took down the prolific QakBot botnet, one part of a steady stream of proactive operations, including actions against the notorious cybercrime gang known as Hive, and the seizures of Genesis Market — a hacker marketplace for stolen logins — and BreachForums.
All of those were “proactive, disruptive activities,” the senior FBI official, who spoke on the condition of anonymity, told The Record.
"It's got to be a steady drumbeat of activity and a consistent pressure campaign, that we're going to have an impact on this,” the official added.
“It's not like the days of taking on the mob in the ‘90s, when you rounded up 50 people and did 50 search warrants. This is an ongoing activity."
However, the official could not say what qualitative impact the various actions have had on digital crime overall beyond that law enforcement is “making an impact, I think, on the ecosystem and how people are thinking about what they're doing and whether or not they want to do this in the future."
Martin Matishak is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.