Fraud Management & Cybercrime
,
Ransomware
Vladimir Dunaev Acknowledged Acting ‘Recklessly’ in Working for Cybercriminal Group
A U.S. federal judge sentenced a Russian national to five years and four months in prison for his role in developing TrickBot malware, which is used to target businesses, schools and hospitals across the country.
See Also: Live Webinar | Securing the Cloud: Mitigating Vulnerabilities for Government
Vladimir Dunaev in the U.S. District Court for the District of Northern Ohio in December pleaded guilty to one count of conspiracy to commit computer fraud and aggravated identity theft and one count of conspiracy to commit wire and bank fraud. The 40-year-old acknowledged providing specialized services and technical abilities in furtherance of TrickBot (see: TrickBot Developer Pleads Guilty in US Court).
South Korea extradited Dunaev in late 2021. Acting Assistant Attorney General Nicole Argentieri said Thursday that the sentencing “demonstrates the department’s ability to place cybercriminals behind bars, no matter where they are located.”
Prosecutors said Dunaev developed browser modifications and other tools to harvest credentials and gain unauthorized remote access into infected computers, eventually defrauding at least 10 victims in northern Ohio of more than $3.4 million via ransomware.
Dunaev helped develop and deploy the malware “all while hiding behind his computer,” U.S. Attorney Rebecca Lutzko said.
“He and his co-defendants caused immeasurable disruption and financial damage, maliciously infecting millions of computers worldwide, and Dunaev will now spend over five years behind bars as a result,” she added.
Dunaev reportedly told U.S. District Judge Solomon Oliver Jr. during his sentencing that he had acted “recklessly” when developing the malicious ransomware, adding that he “didn’t see the full picture” and “didn’t mean to harm anyone.”
While prosecutors initially sought a sentence of over six years, the judge said during Dunaev’s sentencing that Dunaev had not been a leader of the hacking group, but rather a “lower-to-middle level member.”
“I understand a message needs to be sent to other hackers and members of TrickBot,” Oliver said, according to a local news outlet. “I don’t disagree with that. But I don’t think we should put it all on the backs of a defendant at this level.”
Dunaev was charged in the TrickBot scheme along with six other defendants, including Alla Witte, a malware developer and Latvian national who pleaded guilty to conspiracy to commit computer fraud and was sentenced to nearly three years in prison.
TrickBot was absorbed in 2021 by the now-defunct Conti ransomware-as-a-service group. Conti’s operators spun off into multiple groups in May 2022, and some of them continue to use TrickBot-derived code.