Thanks to a court order.
November 3 is only a few weeks away. Enemies of the state can infect a computer system being used for voter rolls or report on the results of the election.
On Monday, Microsoft announced that it disrupted Trickbot via a court order and a technical action by partnering with telecom providers in the world. By disrupting the malware, it cut off the key technology.
People who operate Trickbot can’t start infecting new computers or systems. And those who have infected computer systems can’t activate the ransomware.
Microsoft stated that over a million computers have been infected with this malware. Operators of Trickbot have used it to install more sinister programs for criminal groups.
The identity of the operators isn’t known. However, research suggests that they are working for criminal networks.
It found that Trickbot has been installed in a number of public governments. By disrupting Trickbot, operators could not install programs that might interfere with voter registration records.
Microsoft worked with various companies to determine Trickbot installations. Through its partnership with various organizations, it has managed to trace the installations.
The Windows maker utilized the provisions in copyright law to persuade a federal judge to allow the company to seize the infrastructure from the operators’ hosting providers.
The court allows the company and its partners to stop the IP addresses and make the control servers inaccessible. The order also enables Microsoft to block the Trickbot operators from purchasing or leasing extra servers.
In a parallel investigation, the FBI found three Eastern Europeans to be part of the group behind Trickbot. Indictments are expected to be revealed today.
Controls in 20 Countries
According to Symantec, Trickbot has controls in 20 countries. Unfortunately, the US court order can’t be implemented in those nations.
Because of that, the group can just regroup and can control the infected computers in the US.
Ransomware is on the rise, according to Microsoft. The increasing activities of malware, like Trickbot, aren’t only a threat in the US but it can become a global emergency.
The US election is in motion. Being vigilant is one of the ways to protect the systems during this time.
By disrupting Trickbot, the company and its partners were able to cripple the bad guys.
To be vigilant, experts recommend not to click on links from unknown sources. You must also avoid downloading attachments if you don’t know the source.
When visiting a site, make sure that it is a secured site. Check if there’s an HTTPS in it. You may use safety tools, like Google safe browsing.
If you receive emails with poor formatting and grammar, delete them immediately.
And make sure that you backup your data regularly. If your computer has been infected and you’re asked to pay money, experts recommend not to pay for it. Paying the operator of the ransomware won’t guarantee that you will get your files back.
Microsoft Digital Crimes Unit will continue to work with other organizations to prevent its software from being used to commit a crime. You may visit support.microsoft.com/botnets to find out if your computer has been infected.