Latvian Woman Charged with Developing Malware for Trickbot

A 55-year-old Latvian woman has been charged on multiple counts for her alleged role in developing malware for the infamous Trickbot group.

On Friday, Alla Witte, aka “Max,” was charged with 19 counts of a 47-count indictment after being arrested in February in Miami.

The indictment claimed that she helped develop code related to the control, deployment, and payments of ransomware and software to track authorized users of the malware and tools and protocols to store stolen login credentials.

Trickbot started life several years ago as a banking Trojan. However, subsequent iterations turned it into a multi-purpose modular threat used by cyber-criminals to gain access to victims’ networks and deploy additional malware, including ransomware.

According to the Department of Justice (DoJ), Witte and her co-conspirators stole money and sensitive information globally from individuals and businesses, including banks, beginning November 2015.

Trickbot apparently helped them steal online banking logins and other personal information, including credit card numbers, emails, passwords, dates of birth, social security numbers and addresses. The DOJ alleged that Witte and her co-conspirators used bank account access to steal funds and launder money.

Witte is charged with:

  • One count of conspiracy to commit computer fraud and aggravated identity theft
  • One count of conspiracy to commit wire and bank fraud affecting a financial institution
  • Eight counts of bank fraud affecting a financial institution
  • Eight counts of aggravated identity theft
  • One count of conspiracy to commit money laundering

The crimes she’s accused of could land Witte with a maximum sentence of over 300 years.

The group is accused of infecting tens of millions of computers and stealing millions of dollars over the past six years.

“The Trickbot malware was designed to steal the personal and financial information of millions of people around the world, thereby causing extensive financial harm and inflicting significant damage to critical infrastructure within the United States and abroad,” said acting US attorney, Bridget Brennan, of the Northern District of Ohio.

“Federal law enforcement, along with assistance provided by international partners, continue to fight and disrupt ransomware and malware where feasible. We are united in our efforts to hold transnational hackers accountable for their actions.”

What’s Hot on Infosecurity Magazine?