Report: U.S. Cyber Command Behind Trickbot Tricks

silversurfer

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command.
On October 2, KrebsOnSecurity reported that twice in the preceding ten days, an unknown entity that had inside access to the Trickbot botnet sent all infected systems a command telling them to disconnect themselves from the Internet servers the Trickbot overlords used to control compromised Microsoft Windows computers. On top of that, someone had stuffed millions of bogus records about new victims into the Trickbot database — apparently to confuse or stymie the botnet’s operators.

In a story published Oct. 9, The Washington Post reported that four U.S. officials who spoke on condition of anonymity said the Trickbot disruption was the work of U.S. Cyber Command, a branch of the Department of Defense headed by the director of the National Security Agency (NSA).
The Post report suggested the action was a bid to prevent Trickbot from being used to somehow interfere with the upcoming presidential election, noting that Cyber Command was instrumental in disrupting the Internet access of Russian online troll farms during the 2018 midterm elections.
The Post said U.S. officials recognized their operation would not permanently dismantle Trickbot, describing it rather as “one way to distract them for at least a while as they seek to restore their operations.”
 

silversurfer

In a blog post today, Microsoft provides an update on the Trickbot disruption operation saying that together with its partners across the world they worked to disable 94% of Trickbot’s critical infrastructure.
“As of October 18, we’ve worked with partners around the world to eliminate 94% of Trickbot’s critical operational infrastructure including both the command-and-control servers in use at the time our action began and new infrastructure Trickbot has attempted to bring online” - Microsoft
 
