Home / Early Warning / Cybersecurity Highlights / Microsoft and several cybersecurity firms dismantle the TrickBot botnet

Microsoft and several cybersecurity firms dismantle the TrickBot botnet

10/12/2020

Microsoft and Lumen's cybersecurity firms ESET, FS-ISAC, NTT, Symantec and Black Lotus Labs have teamed up to dismantle the TrickBot botnet, one of the most active and dangerous in the world, responsible for ransomware campaigns such as Emotet or Ryuk, very active during the COVID-19 pandemic and posing a great danger to the impending US elections.

A court in Virginia has authorized Microsoft to take control of multiple servers that TrickBot used to infect other systems through a legal attack. Microsoft explains that they have cut off key infrastructure so that those who operate TrickBot can no longer initiate new infections or activate ransomware, which are already on computer systems, or get new servers to add to their botnet.