WASHINGTON: A Latvian woman has been charged with developing malicious software used by a cybercrime organization that infected computers worldwide and looted bank accounts of millions of dollars, the Justice Department said Friday.
Alla Witte is charged as part of a 47-count indictment with participating in an organization known as the Trickbot Group, which authorities say operated in Russia and several other countries. The group is accused of infecting millions of computers worldwide with malware that targeted hospitals, schools, governments, businesses and other entities.
Witte, who authorities say previously lived in Suriname, was arrested in Miami in February. She was arraigned Friday in federal court in Cleveland, according to the Justice Department.
The prosecution, which the Justice Department says is part of its newly developed ransomware task force, comes as the Biden administration confronts a growing scourge of ransomware attacks that have targeted crucial supply chains including meat and fuel. The White House, which has also been contending with cyberespionage campaigns aimed at US government agencies, issued a memo this week underscoring that the fight against ransomware is a top priority.
“These charges serve as a warning to would-be cybercriminals that the Department of Justice, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use all the tools at our disposal to disrupt the cybercriminal ecosystem,” Deputy Attorney General Lisa Monaco said in a statement.
Shutterstock illustration image
The indictment accuses Witte of participating in a scheme to steal millions of dollars from entities across the world by infecting computers with malware that captured personal information — such as credit card numbers and passwords — and gave TrickBot members access to the victims’ networks.
Among the targets identified in the indictment are real estate and law firms, country clubs, public school districts and other companies.
Prosecutors say Witte worked as a malware developer for the group, writing code related to ransomware that told victims that they’d need to acquire special software to decrypt their files. She’s also accused of providing code that monitored and tracked authorized users of the malware.
In October, weeks before the 2020 presidential election, Microsoft announced legal action to disrupt TrickBot in an operation aimed at knocking offline command-and-control servers.
The indictment, which includes multiple other defendants whose names have been blacked out, includes charges of conspiracy to commit computer fraud, aggravated identity theft and other crimes.
It was not immediately clear if Witte had a lawyer.
