Welcome to the

AdGuardian Plus Blog

News

Microsoft disrupted TrickBot ahead of US elections

TrickBot executes malware on the infected machines

Microsoft disrupted TrickBot and for this it joined its forces with telecomunications providers around the world.

Thus, huge companies joined Microsoft’s effort: Black Lotus Labs, ESET, FS-ISAC (Financial Services Information Sharing and Analysis Center), and Symantec.

The cooperation began as the US District Court for the Eastern District of Virginia granted the operations.

TrickBot could be the largest threat

Microsoft announced that it took action to disrupt the botnet, as ransomware would be the largest threat to the upcoming electoral day. Also, the action came after the malware managed to evade Windows 10 detection, bypassing User Account Control.

So, Tom Burt, VP for Microsoft, wrote that the company “disrupted TrickBot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers.”

”We have now cut off key infrastructure so those operating TrickBot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems,” he added.

In fact, the order form the US District Court for the Eastern District of Virginia authorised the company to “disable the IP addresses, render the content stored on the command and control servers inaccessible.”

Also, it allowed Microsoft to “suspend all services to the botnet operators”. Moreover, it allowed it block any effort by the TrickBot operators to purchase or lease additional servers.”

Still, the effort doesn’t mean that the threat has ended.

Also, according to Jean-Ian Boutin, head of threat research at ESET, they have been tracking TrickBot for years. In fact, researchers consider TrickBot as one of the most dangerous active malware known at this moment.

“TrickBot is one of the most prevalent banking malware families, and this malware strain represents a threat for internet users globally,” he emphasized.

Also, according to them, TrickBot is “one of the most advanced malware delivery vehicles.”

It appeared in 2016 as a banking malware, but then it has developed into an all-purpose crimeware. It usually targets corporations and its creators develop new ways to deliver malicious payload, all the time.

Laurentiu Titei
About author

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.
Related posts
News

A global coalition to fight the ransomware pandemic

News

The saga goes on: Google tracking cookies die hard

NewsPrivacy Tips

Surveillance advertising comes under more pressure

News

“World's largest data breach” brings IAB to the court

Leave a Reply

Your email address will not be published. Required fields are marked *