US Treasury officials said the sanctions move is part of its effort to combat Russian state-sponsored cybercrime.

Dark Reading Staff, Dark Reading

September 8, 2023

1 Min Read
The seal of the US Department of the Treasury
Source: Sonquan Deng via Alamy Stock Photo

The Russia-based Trickbot and Conti cybercrime syndicates are facing increased pressure from the United States and the United Kingdom, which have issued fresh sanctions against the groups, and outed several top operatives in the gangs.

The sanctions affect 11 people alleged to be involved in Trickbot, the modular initial-access Trojan that often presages ransomware attacks; the sanctions also target nine individuals for their specific involvement with the Conti ransomware group (which broke up last year), with seven of those people also on the Trickbot list. They "include administrators, managers, developers, and coders," according to a statement on the sanctions from the US Treasury Department.

US officials in the statement characterized Trickbot as having ties to Russian intelligence services, and noted that Russia has "long been a haven for cybercrime."

The sanctioned members include management and bookkeeping exec Mikhail Tsarev (aka Mango, Alexander Grachev, Super Misha, Ivanov Mixail, Misha Krutysha, and Nikita Andreevich Tsarev); coding team leader Maksim Rudenskiy; testing lead Maksim Galochkin (aka Bentley, Crypt, and Volhvb); and HR manager Maksim Khaliullin (aka Kagas), among others. They will be banned from having any financial dealings with any US or UK entities.

The move follows a joint US-UK sanctions effort against several Trickbot group members back in February, issued in response to the wave of ransomware disruptions against hospitals and healthcare centers during the height of the COVID-19 pandemic. Trickbot continues to be active, despite an effort to take it down in 2021.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights