TrickBot really is on the run after Microsoft, Cyber Command disruption

Written by Oct 20, 2020 | CYBERSCOOP

After some initial doubts, Tuesday brought encouraging signs that a multi-front attempt to dismantle the massive TrickBot botnet in advance of Election Day has taken root, perhaps thanks to an extra push.


In recent weeks, a Pentagon hacking division and a coalition of organizations led by Microsoft took aim at TrickBot, one of the world’s largest armies of zombie computers. Fears that attackers could use the botnet to deploy ransomware and disrupt the 2020 election motivated the takedown bids.


Microsoft said on Tuesday that, as of the start of this week, it had disabled 120 out of 128 command-and-control servers the company identified as part of TrickBot’s infrastructure, good for a 94% takedown rate. Nearly 60 of the 128 sprang up as cybercriminals sought to fortify the botnet’s infrastructure, after which Microsoft said it shut down all but one.


“To be clear, these numbers will change regularly as we expect action we’ve already taken will continue to impact the remaining infrastructure and as we and others continue to take new action between now and the election,” wrote Tom Burt, Microsoft’s corporate vice president for customer security and trust. “This is challenging work, and there is not always a straight line to success. At the same time, we’re pleased with our progress and for several reasons I’m optimistic about the outcomes we can achieve.”


Microsoft’s takedown ran parallel to an operation by Cyber Comman ..
