Last year, Microsoft and a coalition of security firms took down TrickBot. On a global mission, the companies removed one of the largest malware botnets. Microsoft said at the time it was unlikely to be the last we heard from Trickbot. To that end, the company Microsoft Defender continued to hunt for traces of the malware. “Trickbot [is] one of the world’s most infamous botnets and prolific distributors of ransomware,” Microsoft has previously said. “As the United States government and independent experts have warned, ransomware is one of the largest threats to the upcoming elections. Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust.” In the new report, The Daily Beast points out the group continues to have a presence online. Hackers behind the Trickbot group are from Belarus, Russia, Suriname, and Ukraine.
Next Wave
Trickbot was one of the biggest botnet malwares, so it was unlikely to go away easily. Indeed, the company says over one million machines have been infected by TrickBot malware. In the report, Amy Hogan-Burney, general manager for Microsoft Digital Crimes Unit admits the botnet remains a “continued challenge”. One way to prevent a breach is to relace the router, so Microsoft went right to the source. The company partnered with local internet service providers in Latin America and replaced routers. It marks a rare example of a company taking a ground-level hardware approach to preventing malware attacks. Tip of the day: Tired of Windows 10’s default notification and other system sounds? In our tutorial we show you how to change windows sounds or turn off system sounds entirely.