Vladimir Dunaev, 28, was arrested in South Korea and was extradited to the US to face charges for his involvement with the Trickbot malware:
A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group.
https://thehackernews.com/2021/10/russian-trickbot-gang-hacker-extradited.html
I'm sure some of us here are familiar with this malware, as it leaves a lot of footprints, especially in crypto mining.
TrickBot is capable of data exfiltration over a hardcoded C2 server, cryptomining, and host enumeration (e.g., reconnaissance of Unified Extensible Firmware Interface or Basic Input/Output System [UEFI/BIOS] firmware) (Exfiltration Over C2 Channel [T1041], Resource Hijacking [T1496], System Information Discovery.[2] For host enumeration, operators deliver TrickBot in modules containing a configuration file with specific tasks.
https://us-cert.cisa.gov/ncas/alerts/aa21-076a
Let's see how the US will handle this case, as the person involved is a Russian national. And they really work hard to capture a lot of cyber criminals around the globe.
They still have a Latvian national in their custody as well: Alla Witte, known as Max
A Latvian national was arraigned in federal court in Cleveland, Ohio, today on multiple charges stemming from her alleged role in a transnational cybercrime organization responsible for creating and deploying a computer banking trojan and ransomware suite of malware known as “Trickbot.”
https://www.justice.gov/opa/pr/latvian-national-charged-alleged-role-transnational-cybercrime-organization