A week agoteam, Microsoft announced it is partnering with various Companies security and telecommunications agency to take down the Trickbot botnet following a court order issued in the US.
The company stated that this botnet is enough advanced and that uses a malware-as-a-service model for contamination systems and IoT devices with ransomware.
The identities of Trickbot executives are currently unknown, and Microsoft has said it has been used for individual criminal operations as well as government targets, making it even more dangerous for the US presidential election.
Today, the company provided more details for what he has done so far for the Trickbot network but also what he intends to do next.
Microsoft says it has halted 18% of Trickbot critical business infrastructure in just a few days since Oct. 94. Of the 69 major Trickbot servers detected, 62 have crashed and botnet administrators are trying to add new infrastructure. Microsoft said it had managed to add 59 new servers but the company immediately shut them down, bringing the number of servers down to 120 from 128.
The Redmond-based company says it's an active feature, and it's a painstaking process with admins on the opposite side who won't stop insisting. That's how it is data these will change regularly over the next period. However, the company states that:
First of all, after securing the court decision that allowed her to deactivate the basic infrastructure of Trickbot, she will continue to do so until election day on November 3. Collaborates with global companies and hosting providers to uncover new command and control servers as well as compromised IoT devices.
Then Microsoft noticed that people using Trickbot were trying to build new infrastructure and collaborate with other criminals. THE movement it's not nearly as dangerous as Trickbot's native abilities, but it's still something to watch out for.
Finally, Microsoft says its team is well-trained and highly trained in Trickbot infrastructure and can detect malicious activity. The team speaks directly to local ISPs, telecommunications companies and global partners who monitor and share information about Trickbot 24/7 activities.