A 55-year-old Latvian woman was charged on multiple counts for her role in developing malware for the infamous Trickbot group.
Alla Witte, aka “Max,” was charged with 19 counts of a 47-count indictment after being arrested in February in Miami.
According to the indictment, Witte helped develop code related to the control, deployment, and payments of ransomware and software to track authorized users of the malware and tools and protocols to store stolen login credentials.
Trickbot which started several years ago as a banking Trojan has turned after subsequent iterations into a multi-purpose modular threat used by threat actors to get access to victims’ networks and deploy additional malware, including ransomware.
The Department of Justice (DoJ) alleged that Witte and her co-conspirators stole money and sensitive information globally from individuals and businesses, including banks, beginning November 2015.
By using Trickbot, the cyber criminals could steal online banking logins and other personal information, including credit card numbers, emails, passwords, dates of birth, social security numbers and addresses. According to the DOJ, Witte and her co-conspirators used bank account access to steal funds and launder money.
Witte is charged with:
- One count of conspiracy to commit computer fraud and aggravated identity theft
- One count of conspiracy to commit wire and bank fraud affecting a financial institution
- Eight counts of bank fraud affecting a financial institution
- Eight counts of aggravated identity theft
- One count of conspiracy to commit money laundering
Based on the crimes she’s accused, Witte could get a maximum sentence of over 300 years.
The group is accused of infecting tens of millions of computers and stealing millions of dollars over the past six years.
Acting US attorney, Bridget Brennan, of the Northern District of Ohio stated that Federal law enforcement, along with assistance provided by international partners, continue to fight and disrupt ransomware and malware where feasible. She added that they are united in efforts to hold transnational hackers accountable for their actions.