Trickbot: U.S. Court Order Hits Botnet’s Infrastructure


Threat Hunter Team, Symantec




A global partnership of security, software, telecommunications and financial services firms has struck a blow against the notorious Trickbot botnet by securing a court order directing hosting providers to take down its infrastructure. The order was obtained in a U.S. lawsuit filed by Microsoft and the Financial Services Information Sharing and Analysis Center (FS-ISAC) against Trickbot’s anonymous operators and was based on technical evidence provided by the Threat Hunter Team at Symantec, a division of Broadcom (NASDAQ: AVGO), and others. The legal action marked the culmination of a years-long, cross-industry collaboration to find innovative ways to thwart a pernicious botnet that has fueled numerous cyber-crime sprees.
In written testimony provided to the court, Symantec technical director Vikram Thakur said Trickbot has spread prolifically across the internet for years and become one of the most commonly blocked types of malware, suggesting it is now one of the world’s largest botnets.
Thakur described the serious harm caused to users whose computers are infected with Trickbot and whose banking credentials and other sensitive information are frequently stolen by the attackers. He also described its impact on financial institutions, which have borne significant losses due to Trickbot fraud.
In recent times, Trickbot has been implicated in targeted ransomware attacks, where credentials stolen by the malware were used by the Ryuk ransomware operators to compromise victims’ networks and encrypt all accessible computers. This assessment has been confirmed by Europol, which recently noted that “the relationship between Emotet [another botnet], Ryuk and Trickbot is considered one of the most notable in the cybercrime world”.
The botnet’s impact on banks and other financial sector organizations prompted a successful and close collab ..
