Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Botnet Microsoft IT Technology

Microsoft Says It Took Down 94% of TrickBot's Command and Control Servers (zdnet.com) 24

TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online. From a report: Last week, a coalition of cyber-security firms led by Microsoft orchestrated a global takedown against TrickBot, one of today's largest malware botnets and cybercrime operations. Even if Microsoft brought down TrickBot infrastructure in the first few days, the botnet survived, and TrickBot operators brought new command and control (C&C) servers online in the hopes of continuing their cybercrime spree. But as several sources in the cyber-security industry told ZDNet last week, everyone expected TrickBot to fight back, and Microsoft promised to continue cracking down against the group in the weeks to come. In an update posted today on its takedown efforts, Microsoft confirmed a second wave of takedown actions against TrickBot. The OS maker said it has slowly chipped away at TrickBot infrastructure over the past week and has taken down 94% of the botnet's C&C servers, including the original servers and new ones brought online after the first takedown.
This discussion has been archived. No new comments can be posted.

Microsoft Says It Took Down 94% of TrickBot's Command and Control Servers

Comments Filter:
  • by Anonymous Coward
    Sounds good, no?
  • Just curious. And could they do that to anyone?
    • or just plain a windows update that attacks the virus. Also Microsoft works with law enforcement to inform people they're running a command & control instance and get it shut down (or to arrest somebody who is running one knowingly).
    • 1. Microsoft leads group of companies fighting malware. They couldn't do it alone.

      2. Microsoft proves in court that the botnet operators are bad guys - it's not a good-faith business disagreement.

      3. Microsoft proves the botnet operators are unlawfully harming Microsoft, such as by spoofing O365 login pages.

      4. Because bad guys are doing illegal harm to Microsoft, the court grants a court order to shut down the evil botnet.

      5. Microsoft and partners track down the command and control servers, such as by having

    • by tokul ( 682258 )

      Bill goes to all the noobs and asks to install monthly windows update.

  • ...the internet was built exactly to ignore such switchoffs, even nuclear ones.

    • that disable the virus that this bot net uses to run it's network. The way botnets work is you infect computers with a virus and then that computer functions as a server for the botnet. There's typically a series of "command and control" servers that run a special version of the virus and control other computers in the botnet. You can take down a bot net by going after those command & control servers. With 94% down the reach of the botnet is severely limited, it doesn't have the resources to spam out en
  • Still need FBI and black ops people to make the punishment REAL not just cyber. Just re-route the C&C to attack Putin's computers. He will make the punishments real. Mitnick should not be allowed to ever touch a computer again.
    • Why the hate on Mitnick? He's making a good living telling people how to secure their systems, how to avoid being the human point of failure in your corporate security.

      Do you somehow imagine Trickbotnet is Mitnick's baby? Or are you just "I've heard that this guy is a Bad Hombre"?

    • Mitnick should not be allowed to ever touch a computer again.

      It's cool, he can just whistle the nuclear codes into a payphone.

  • They must be experiencing some backlash because Microsoft services have been running like shit (compared to usual) today. MFA prompts aren't working, Power BI was offline this morning, SharePoint is worse than usual...
  • I will be _very_ surprised if these abusers do not rebuild their botnet fairly quickly. Like eliminating most of a cancer or eliminating most weeds, it often leaves fertile ground behind for the next invasive organism to occupy the same location and use the same resources.

Repel them. Repel them. Induce them to relinquish the spheroid. - Indiana University fans' chant for their perennially bad football team

Working...