Microsoft announced Monday that it used a court order and technical collaboration with telecommunications providers to disrupt Trickbot, a ransomware distributor that could pose a threat to the upcoming elections.
In a blog post, Microsoft calls Trickbot “one of the world’s most infamous botnets and prolific distributors of ransomware” that has infected more than one million computing devices since 2016. The “malware-as-a-service” is used to serve nation-states and criminal networks, Microsoft said.
“We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems,” Microsoft security exec Tom Burt wrote in the blog post. “In addition to protecting election infrastructure from ransomware attacks, today’s action will protect a wide range of organizations including financial services institutions, government agencies, healthcare facilities, businesses and universities from the various malware infections Trickbot enabled.”
Microsoft said it used a new legal approach for the first time that includes copyright claims “against Trickbot’s malicious use of our software code.”
“This approach is an important development in our efforts to stop the spread of malware, allowing us to take civil action to protect customers in the large number of countries around the world that have these laws in place,” Burt wrote.
The Redmond, Wash.-based tech giant worked with FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT and Symantec, a division of Broadcom, to help disrupt Trickbot.
The New York Times reported that the U.S. Cyber Command was conducting a similar takedown effort of Trickbot not connected to Microsoft’s operation.
Microsoft in March worked with partners across 35 countries to disrupt Necurs, another prolific botnet that infected more than nine million computers worldwide, according to the company.
This article was written by Taylor Soper and originally appeared in GeekWire.
Ready to Get Started with mDS?
Fill-out the quick form & a MDS technical expert will contact you soon!
+1 (888) 123-4567