Security News > 2020 > October > Microsoft on the counterattack! Trickbot malware network takes a hit
These were servers that Microsoft had tied back to the operation of a large, long-lived and destructive zombie network known as Trickbot.
Sadly, we've had to write about Trickbot many times over the years, as the criminals behind the operation have spammed out wave after wave of deviously constructed emails under a wide variety of guises, all with the ultimate goal of infecting as many victims as possible with zombie malware.
This zombie malware would regularly "Call home" to one or more the Trickbot servers for instructions on what sort of cybercriminality to indulge in next.
So Trickbot infections often added a destructive insult to an already costly injury, typically ending up in a Ryuk ransomware attack.
Prevent the download and deployment of Trickbot or any other malware in the first place, thus limiting the number of new infections.
News URL
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)