Microsoft disrupts infamous Trickbot botnet ahead of US election

Trickbot primarily targets financial institutions, but it could impact the election too

Microsoft has announced that it’s disrupted one of the world’s most infamous and prolific ransomware distributors, Trickbot. 

Microsoft pulled the plug on Trickbot by obtaining a court order to disable Trickbot’s servers’ IP address. It also collaborated with telecoms worldwide to initiate technical actions to further cripple this infamous botnet

According to Microsoft’s blog post: “We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.”

This comes just three weeks before the US presidential election, and after the impact threat actors had on the 2016 election, it’s critical even the most remote digital threats to the 2020 election are snuffed out now.  

Trickbot’s potential impact on the election is hypothetical at this point, but ransomware could impact it multiple ways, including infecting computers used to maintain voter rolls or report on election-night results. This could inject doubt into the election results, potentially causing nationwide distrust in the results. 

Though the Trickbot threat is neutralized, for now, Microsoft couldn’t identify those behind the ransomware. Because the hackers are still at large, Microsoft fully expects Trickbot’s operators to attempt to bring the botnet back online. Microsoft will work with its telecom partners to help keep it down. 

To complete its investigation that netted it the court order to shut down Trickbot, Microsoft’s Digital Crimes Unit (DCU) worked with leaders in the tech space, including  FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT and Symantec. The Microsoft Defender team also played a role in the investigation. 

Featured Resources

How to choose an AI vendor

Five key things to look for in an AI vendor

Download now

The UK 2020 Databerg report

Cloud adoption trends in the UK and recommendations for cloud migration

Download now

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

Download now

The impact of AWS in the UK

How AWS is powering Britain's fastest-growing companies

Download now

Recommended

Ransomware criminals look to other hackers to provide them with network access
ransomware

Ransomware criminals look to other hackers to provide them with network access

17 Jun 2021
Four in five ransomware victims suffer repeat attacks
ransomware

Four in five ransomware victims suffer repeat attacks

16 Jun 2021
FBI still frowns on ransomware payments
ransomware

FBI still frowns on ransomware payments

11 Jun 2021
New ransomware targets unpatched Microsoft Exchange servers
ransomware

New ransomware targets unpatched Microsoft Exchange servers

1 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021