The indictment said Witte appeared to begin working for TrickBot in about 2018. The filing said she developed malware and ransomware, which told users that someone had attacked their computers and that they needed to buy special software to fix it, with payment through Bitcoin.
Holden, the leader of the cybersecurity firm in Milwaukee, wrote in an online report that Witte was born in the Soviet city of Rostov-on-Don. She later moved to Latvia to study math. She remained there after it became an independent country, Holden wrote. For the past few years, she has lived in the South American country of Suriname.
Authorities arrested her when she flew into Miami in February. She has denied the charges, and she remains in a Youngstown jail without bond, pending her trial. Her attorney, Edward Bryan, declined to comment.
“Several (TrickBot) group members had Alla Witte folders with data,” Holden wrote in the report. “They refer to Alla almost like they would address their mothers.”
The indictment in Cleveland remains under seal, but authorities released a redacted version in Miami following her arrest. The names of Witte’s associates have not been made public.
Federal prosecutors obtained the indictment in August. She was one of seven people charged, with the others living in either Russia or Ukraine.
The indictment listed others as leading TrickBot, with Witte playing a role as a malware developer. Holden, however, stressed in his online report that Witte “acted knowingly and maliciously as a part of the TrickBot gang.” Officials hailed her arrest and indictment as a victory for law enforcement.
“This indictment puts other Russian hackers on notice; you’ll be tracked down and brought to justice,” said Scott Jasper, a senior lecturer at the U.S. Naval Postgraduate School and the author of the book “Russian Cyber Operations: Coding the Boundaries of Conflict.”
“But these actors seldom stray from Russia, and the Russian government benefits too much from the chaos they create in America to hand them over,” he said. And the thought of that has left an impression on Northeast Ohio.
- How Russian hackers wreaked havoc in two Ohio school districts
- Check all news and articles from the latest Security news updates.