Designating Members of the Russia-Based Trickbot Cybercrime Network

The United States, in coordination with the United Kingdom, is taking action today against the Trickbot group, a Russia-based cybercrime network that has targeted the U.S. Government and U.S. companies, including hospitals.

The Department of the Treasury sanctioned 11 key actors in the network’s operation. Concurrently, the U.S. Department of Justice unsealed indictments against nine individuals in connection with the Trickbot malware and other ransomware schemes, including seven of the individuals designated today.

Today’s action follows our February 2023 joint U.S.-UK cyber designations of other members of the Trickbot group and represents our continued commitment to targeting and combating ransomware actors. The United States will continue to use all available tools to target Russia-based cybercrime and counter the threat posed by ransomware in coordination with national and international partners.

Today’s action is being taken pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, for having materially assisted, sponsored, or provided material, or technological support for, or goods or services to or in support of, an activity described in subsection (a)(ii) of section 1 of E.O. 13694, as amended. For more information on this designation, see Treasury’s press release.