TrickBot Malware Botnet Taken Down by Coalition of Tech Companies

Forum Moderators: open

Message Too Old, No Replies

TrickBot Malware Botnet Taken Down by Coalition of Tech Companies

engine

3:19 pm on Oct 12, 2020 (gmt 0)

A coalition of tech companies, including the FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, Symantec, and the Microsoft Defender Team, took down the back-end infrastructure of the TrickBot malware botnet. According to the report, over a million computers and IoT devices were infected by the botnet.

With this information in hand, Microsoft went to court this month and asked a judge to grant it control over TrickBot servers.

"With this evidence, the court granted approval for Microsoft and our partners to disable the IP addresses, render the content stored on the command and control servers inaccessible, suspend all services to the botnet operators, and block any effort by the TrickBot operators to purchase or lease additional servers," Microsoft said

[zdnet.com...]

aristotle

12:52 am on Oct 13, 2020 (gmt 0)

Here is another quote from the article:

The success of this takedown is, however, yet to be seen. Many other botnets have survived similar takedowns in the past. The best example of this is the Kelihos botnet, which survived three takedown attempts, rebuilding from scratch and continuing to operate.

Well I'm a bit surprised by this statement, because I thought that improvements in anti-malware protection, and wider use of it, had made it much harder, and more expensive, to create ( or rebuild) a botnet from scratch.