On June 4, 2021, a Latvian citizen was declared by the US on multiple counts of publishing her allegations in a transnational cybercrime organization responsible for creating and distributing trojans to steal banking information. and ransomware called “Trickbot”.
The 55-year-old woman is the boss of Hacker group Trickbot
Alla Witte, aka Max, 55, is charged with 19 counts in a 47-count indictment, accusing her of participating in a criminal organization known as the “Trickbot Group”. The Trickbot group operates in Russia, Belarus, Ukraine, and Suriname, and primarily targets victim computers belonging to businesses, organizations and individuals, including those located in the state of Ohio and elsewhere in the United States. Ky. Targets include hospitals, schools, public utilities and government. Witte, who previously resided in Paramaribo, Suriname, was arrested on February 6, in Miami, Florida.
“Witte and her associates allegedly infected tens of millions of computers worldwide in an attempt to steal millions of dollars through compromised computer systems.”
The indictment alleges that starting in November 2015, Witte and others stole money and confidential information from victims, including their businesses and financial institutions in the United States, United Kingdom and the United States. UK, Australia, Belgium, Canada, Germany, India, Italy, Mexico, Spain. and Russia through the use of Trickbot malware.
Witte and her accomplice allegedly worked together to infect victims with Trickbot malware designed to obtain online banking logins and collect other personal information, including including your credit card number, email, password, date of birth, social security number, and address. Witte and others are also alleged to have obtained login credentials and other stolen personal information to access online banking accounts, conduct unauthorized electronic funds transfers, and launder money through beneficiary accounts in the United States and abroad.
According to the indictment, Witte worked as a malware developer for Trickbot Group and wrote code related to the control, deployment, and ransom-encrypted ransomware. The ransomware informed victims that their computer was encrypted and that they needed to purchase special software through a Bitcoin address controlled by the Trickbot Team to decrypt their files. In addition, Witte is alleged to have provided code for the Trickbot Team to track and trace authorized users of the malware, and develop tools and protocols to store hacked logins. steal.
Trickbot is the name of a group of cybercriminals that owns a huge botnet of hacked internet-connected devices used to carry out cyber attacks. According to network research firm Malwarebytes Inc. , a cybercriminal group that manages botnets and sells malware to other hackers.
Once infected, the victim’s computer becomes part of a botnet, a network of thousands of computers and servers around the world infected with the Trickbot malware. This malware is used as an entry point for “data-hunting” hackers to spy or find ways to spread ransomware.
Since Trickbot was first discovered in 2016, Trickbot’s owners have stolen tens to hundreds of millions of dollars from victims in the US, including banks, universities, and local governments. , according to cybersecurity experts and court documents. In October, as coronavirus cases increased in the US, authorities warned of an “imminent and growing cybercrime threat to hospitals and healthcare providers”. of the United States” from Trickbot and other hacking groups.
During his first week with the Trickbot team in 2018, Witte wrote a piece of code to track each of the hundreds of users infected with Trickbot’s malware. Within a few months, she published a video showing her Trickbot partners how to use the tracking software. By the time she’d been with the team for a year, she’d written the code for the web console that Trickbot uses to store a database that stores victim information, including system codes. colorize it so that accomplices can track the progress of the hacked machines.
Witte will continue to write code that controls the ransomware deployment, including the note that victims receive notifications that their computer systems are encrypted.
Witte detailed her background on social media accounts, discovered and translated by Holden. She grew up along the Black Sea in the Russian city of Rostov-on-Don, according to her social media accounts. After studying at the University of Latvia, Witte worked as a sales manager and teacher in the 1980s. According to articles, her interest in technology emerged in the late 90s and early 2000s.
After their marriage in 2007, her family moved from the Netherlands to Suriname, South America. It was around this time, in 2013, that she started learning Web programming. In just 6 years of learning to code, she became a notorious Hacker and the leader of the Trickbot team in 2018.