Feds charge Latvian national in TrickBot malware attack that hit millions of computer users, including two Northeast Ohio school districts – cleveland.com

Feds charge Latvian national in TrickBot malware attack that hit millions of computer users, including two Northeast Ohio school districts - cleveland.com

CLEVELAND, Ohio – Federal authorities accused a Latvian national Friday of being part of a cybercrime network that attacked millions of computers worldwide and fleeced money and confidential information from unsuspecting victims, including two Northeast Ohio school districts.

Alla Witte appeared for an arraignment before U.S. Magistrate Judge William Baughman in Cleveland on 19 charges, including conspiracy, wire fraud, bank fraud and aggravated identity theft involving TrickBot, a criminal scheme with origins in Russia, according to the 61-page indictment in the case.

Witte denied the allegations, and Baughman ordered her held without bond. The case involves victims from across the United States, but it is being handled in Cleveland before Senior Judge Solomon Oliver, as federal prosecutors obtained the indictment here.

TrickBot developers are accused of using various forms of malware to hit the computers of governments, hospitals, businesses and banks around the world to capture personal information and gain access to bank accounts. Seven have been charged, but only Witte’s name appears in the unsealed indictment. Federal prosecutors redacted the names of the others charged.

Cyberattacks are becoming a major concern for federal officials and the American intelligence community. In recent weeks, federal authorities said foreign malware struck the Colonial Pipeline, a critical oil chain that threads from New Jersey to Texas. This week, authorities said a similar incident occurred when a cyberattack hit the meatpacker JBS, according to published reports.

The indictment involving Witte said TrickBot developers struck school districts in Avon and Akron, as well as an unnamed real-estate business in North Canton. The scheme drained hundreds of thousands of dollars from accounts through wire transfers from the district in Lorain County and the real-estate business, according to the charges. Several attempts to reach school officials there were unsuccessful.

A spokesman for Akron Public Schools said the district never lost any money, and it was never contacted by authorities.

The indictment says businesses and governments from Vermont to California fell victim to the scheme, with the profits from the attacks laundered through bank accounts in the United States and abroad.

Witte, 55, worked as a malware developer for TrickBot, overseeing the creation of code related to the monitoring and tracking of the viruses, obtaining payments from victims and developing tools and protocols for the storage of credentials that were stolen, according to the charges.

In 2018, Witte created and provided to the TrickBot leaders a video demonstrating how to use the user-tracking software, the indictment alleged.

A federal grand jury in Northeast Ohio indicted Witte in August, but the document was sealed. She was arrested in February in Miami as she was traveling when she was stopped and detained. Witte was born and raised in Russia and had been living in recent years in Latvia.

Her attorney, Jeffrey Lazarus of Cleveland, declined to comment.

Authorities said the network began in about 2015 when programmers in Russia developed the viruses that attacked computers. It began targeting governments and businesses in the United States the following year.

Its architects lived in Russia, Belarus, Ukraine and Suriname, the charges said.

TrickBot used the malware to obtain personal identification information from computer users, including credit cards, emails, passwords, dates of birth, Social Security numbers and addresses, according to the indictment.

The document said it also captured login information to gain access to online bank accounts, which enabled it to steal funds and launder that money through other bank accounts. Other than those from the United States, the victims were from the United Kingdom, Australia, Belgium, Canada, Germany, India, Italy, Mexico, Spain and Russia.

Clarification: This story originally reported that Witte was a Russian national. The Justice Department, however, later said that while she was born and raised in Russia, she has lived in Latvia in recent years. The story was updated to indicate that.

This content was originally published here.

Laat een reactie achter

Het e-mailadres wordt niet gepubliceerd.