IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft disrupts infamous Trickbot botnet ahead of US election

Trickbot primarily targets financial institutions, but it could impact the election too

"Ransomware" text within binary code

Microsoft has announced that it’s disrupted one of the world’s most infamous and prolific ransomware distributors, Trickbot. 

Microsoft pulled the plug on Trickbot by obtaining a court order to disable Trickbot’s servers’ IP address. It also collaborated with telecoms worldwide to initiate technical actions to further cripple this infamous botnet

According to Microsoft’s blog post: “We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.”

This comes just three weeks before the US presidential election, and after the impact threat actors had on the 2016 election, it’s critical even the most remote digital threats to the 2020 election are snuffed out now.  

Trickbot’s potential impact on the election is hypothetical at this point, but ransomware could impact it multiple ways, including infecting computers used to maintain voter rolls or report on election-night results. This could inject doubt into the election results, potentially causing nationwide distrust in the results. 

Though the Trickbot threat is neutralized, for now, Microsoft couldn’t identify those behind the ransomware. Because the hackers are still at large, Microsoft fully expects Trickbot’s operators to attempt to bring the botnet back online. Microsoft will work with its telecom partners to help keep it down. 

To complete its investigation that netted it the court order to shut down Trickbot, Microsoft’s Digital Crimes Unit (DCU) worked with leaders in the tech space, including  FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT and Symantec. The Microsoft Defender team also played a role in the investigation. 

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022