In a significant breakthrough, law enforcement in Germany has finally identified the elusive leader of the notorious hacking gang Trickbot. The mastermind behind the operation, known only by his handle "Stern," had been evading capture for years, leaving authorities baffled and hackers intrigued.
According to a recently issued Interpol red notice, Stern's real name is Vitaly Nikolaevich Kovalev, a 36-year-old Russian national. This revelation marks a major milestone in the ongoing saga of Trickbot, which has been terrorizing cyber-security experts and financial institutions alike for six years.
Trickbot's reign of terror has resulted in the theft of hundreds of millions of dollars, making it one of the most notorious transnational cybercriminal groups to ever exist. Stern's identification is a significant event that bridges gaps in our understanding of Trickbot, according to Alexander Leslie, a threat intelligence analyst at Recorded Future.
"As Trickbot's 'big boss' and one of the most noteworthy figures in the Russian cybercriminal underground, Stern remained an elusive character, and his real name was taboo for years," Leslie said. "Stern's naming is a significant event that bridges gaps in our understanding of Trickbot."
Interestingly, Kovalev's name and face may already be familiar to anyone following the Trickbot case. In 2023, he was sanctioned by the U.S. and U.K. for his involvement as a senior member of the group, and has also been charged with hacking linked to bank fraud allegedly carried out in 2010.
However, authorities had previously linked Kovalev to the online handles "ben" and "Bentley," without mentioning a connection to the Stern handle. This highlights the complexity and sophistication of Trickbot's operations, as well as the challenges faced by law enforcement in tracking down its leaders.
In other cybersecurity news, PYMNTS reported last week on the surge in data breaches involving third parties like vendors, service providers, and platforms that handle customer or operational data. A recent report from Verizon found that in 2023, just 15% of data breaches involved these third parties, whereas this figure had doubled to 30% by last year.
"Data breaches are always the biggest danger, particularly for financial institutions," said Philip Yannella, co-chair of the privacy, security, and data protection practice at Blank Rome. "We're going to go through a period where we see more breaches — potentially more expensive breaches — until companies can get their arms around how to deal with them."
"If you're a bank, you've got to worry quite a bit about your vendors," Yannella added. "This is why it's essential for companies to prioritize vendor management and ensure that they have robust controls in place to prevent data breaches."