
Microsoft says it took down 94% of TrickBot’s command and control servers

October 22, 2020
in Internet Security

Image: CSIS

Last week, a coalition of cyber-security firms led by Microsoft orchestrated a global takedown against TrickBot, one of today’s largest malware botnets and cybercrime operations.

Even though Microsoft brought down TrickBot infrastructure in the first few days, the botnet survived, and TrickBot operators brought new command and control (C&C) servers online in the hopes of continuing their cybercrime spree.

But as several sources in the cyber-security industry told ZDNet last week, everyone expected TrickBot to fight back, and Microsoft promised to continue cracking down against the group in the weeks to come.

In an update posted today on its takedown efforts, Microsoft confirmed a second wave of takedown actions against TrickBot.

94% of TrickBot servers taken down in a week

The OS maker said it has slowly chipped away at TrickBot infrastructure over the past week and has taken down 94% of the botnet’s C&C servers, including the original servers and new ones brought online after the first takedown.

“From the time we began our operation until October 18, we have taken down 120 of the 128 servers we identified as Trickbot infrastructure around the world,” said Tom Burt, CVP of Customer Security and Trust at Microsoft.

Burt says Microsoft brought down 62 of the original 69 TrickBot C&C servers and 58 of the 59 servers TrickBot tried to bring online after last week’s takedown.

The seven servers that could not be brought down last week were described as Internet of Things (IoT) devices.

The reason these systems couldn’t be taken down right away was that they weren’t located inside web hosting companies and data centers, and the device owners couldn’t be reached via an “abuse email.”

Additional coordination was needed with local internet service providers, but Microsoft says “these [devices] are in the process of being disabled.”

Burt credited Microsoft’s swift response to the second wave of TrickBot server infrastructure to the company’s lawyers, who moved in quickly and requested new court orders to have these new servers taken down within days.

Down, but not out

Currently, the TrickBot botnet is still alive, but it has once again been brought to its knees. Nonetheless, a few command and control servers are still alive, allowing the TrickBot operators to keep control of their horde of infected devices.

According to cyber-security firm Intel 471, these last few TrickBot C&C remnants are located in Brazil, Colombia, Indonesia, and Kyrgyzstan.

How long TrickBot will survive is unclear, but Burt said Microsoft plans to hunt down TrickBot infrastructure at least until the US Presidential Elections, to be held on November 3.

Burt said Microsoft is trying to prevent TrickBot from renting access to infected computers to ransomware gangs, something the TrickBot botnet is known to have done in the past.

Microsoft fears that a badly timed ransomware attack might end up causing downtime to election systems, either directly, by encrypting election-related infrastructure, or indirectly, by impacting election-related supply chains.

Such fears have been played down by most cyber-security experts, as ransomware gangs have a multitude of distribution methods at their disposal, and taking down TrickBot won’t necessarily mean that the elections are safe from ransomware attacks — but nobody’s mad at Microsoft for crippling a botnet that has given many system administrators nightmares for the past two years.

Nonetheless, from afar, the takedown attempt doesn’t seem to have worried TrickBot operators too much, as they spent the last week trying to infect new victims with the help of a partner malware botnet (Emotet).

Had a feeling this would happen. Emotet often drops TrickBot, and a few months ago TrickBot was dropping Emotet. As a result they are able to recover some old bots, as well as infect new systems via Emotet. https://t.co/ijB87gqKJ1

— MalwareTech (@MalwareTechBlog) October 14, 2020


Credit: ZDNet
