Welcome to the

AdGuardian Plus Blog


Microsoft disrupted TrickBot ahead of US elections

TrickBot executes malware on the infected machines

Microsoft disrupted TrickBot, joining forces with telecommunications providers around the world to do so.

Thus, huge companies joined Microsoft’s effort: Black Lotus Labs, ESET, FS-ISAC (Financial Services Information Sharing and Analysis Center), and Symantec.

The cooperation began once the US District Court for the Eastern District of Virginia approved the operation.

TrickBot could be the largest threat

Microsoft announced that it took action to disrupt the botnet, as ransomware would be the largest threat to the upcoming election day. The action also came after the malware managed to evade Windows 10 detection, bypassing User Account Control.

So, Tom Burt, VP for Microsoft, wrote that the company “disrupted TrickBot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers.”

“We have now cut off key infrastructure so those operating TrickBot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems,” he added.

In fact, the order from the US District Court for the Eastern District of Virginia authorised the company to “disable the IP addresses, render the content stored on the command and control servers inaccessible.”

Also, it allowed Microsoft to “suspend all services to the botnet operators”. Moreover, it allowed it to “block any effort by the TrickBot operators to purchase or lease additional servers.”

Still, the effort doesn’t mean that the threat has ended.

According to Jean-Ian Boutin, head of threat research at ESET, the company has been tracking TrickBot for years. In fact, researchers consider TrickBot to be one of the most dangerous active malware threats known at this moment.

“TrickBot is one of the most prevalent banking malware families, and this malware strain represents a threat for internet users globally,” he emphasized.

Also, according to them, TrickBot is “one of the most advanced malware delivery vehicles.”

It appeared in 2016 as banking malware, but has since developed into all-purpose crimeware. It usually targets corporations, and its creators develop new ways to deliver malicious payloads all the time.

Laurentiu Titei
About author

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.