Trickbot is the name of a cybercrime group, piece of malicious code and a botnet, a network of hijacked internet-connected devices used to carry out cyberattacks. The cybercrime group manages the botnet and sells its malware to “affiliates” who then use it to target various victims, according to the cyber research firm, Malwarebytes Inc.
If Witte were to cooperate with authorities, her insights could be invaluable at a time when the Biden administration and a newly formed Justice Department task force are taking aim at ransomware and other cybercrime, said Alex Holden, the founder of the cyber-investigations firm Hold Security. She could also help U.S. officials understand the structure of a tenacious and wide-ranging cybercrime operation with so many tentacles that it managed to evade a pair of takedown operations by U.S. Cyber Command and Microsoft Corp. in 2020, he said.
Since it was first detected in 2016, Trickbot operators have stolen tens to hundreds of millions of dollars from victims in the U.S., including banks, universities and local governments, according to cybersecurity experts and court documents. In October, as coronavirus cases surged in the U.S., authorities warned of “increased and imminent cybercrime threat to U.S. hospitals and health-care providers” from Trickbot and other hacking groups.
In her first week working for the Trickbot group in 2018, Witte wrote a code to track each of the hundreds of users weaponizing its malware, according to the indictment. Within months, she produced a video tutorial showing her Trickbot partners how to use the tracking software. By the time she’d been with the group for a year, she had authored code for the web panel that Trickbot uses to store its massive database of stolen victim data, including a color-coding system so fellow users could monitor the progress of each infection, according to court records.Witte would go on to write the code that controls deployment of ransomware, including the note victims received announcing that their computer system had been encrypted, according to the indictment.
Witte provides details about her background on social media accounts, which were discovered and translated by Holden. She grew up along the Black Sea in the Russian city of Rostov-on-Don, according to her social media accounts. After studying at the University of Latvia, Witte worked as a sales manager and teacher in the 1980s. Her interest in technology emerged in the late ‘90s and early 2000s, according to the posts.
After getting married in 2007, her family moved from the Netherlands to Suriname, in South America. It’s around this time, in 2013, that she began dabbling professionally in website development. In her posts, she expressed determination to find success and happiness in her newfound career. In language forums in Russian, her native language, she offered advice to younger professionals and thanked those who’ve helped her follow her path.“You are absolutely correct that you have to exclude from your life those who try to prove that you will not accomplish anything,” she posted in the comments section of a video about job hunting, in a post translated by Holden. “I have heard everything – you are too old for this type of job. Overall, I spoke over the internet with several people who supported me or gave me professional advice. The Justice Department has declined to detail the circumstances of her arrest, except to say that she was living with her family in Suriname when she arrived in Miami and was detained.
The News Highlights
- Max, the hacker, is a 55-year-old woman
- Check the latest update on Security news
For Latest News Follow us on Google News
- Show all
- Trending News
- Popular By week