Security News > 2020 > October > Microsoft Says Most TrickBot Servers Are Down

Microsoft Says Most TrickBot Servers Are Down
2020-10-21 17:42

Most of the servers associated with the TrickBot botnet have been taken down following the technical and legal effort announced last week, Microsoft says.

The TrickBot operators, which some say are the hackers that also use Ryuk and Conti ransomware, appeared largely unaffected by the takedown attempt, with only a relatively small percentage of the bots being isolated.

On Tuesday, threat intelligence company Intel 471 revealed that newly observed TrickBot control servers were unable to respond to bot requests, and Microsoft now says its actions have successfully prevented newly registered servers from becoming operational.

The tech giant explains that it managed to take down 62 of the 69 initial TrickBot servers around the world, as well as 58 of the 59 new servers that the malware operators attempted to add to their infrastructure.

"In sum, from the time we began our operation until October 18, we have taken down 120 of the 128 servers we identified as Trickbot infrastructure around the world," Tom Burt, Corporate Vice President of Customer Security & Trust at Microsoft, says.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/72M0GKDicIc/microsoft-says-most-trickbot-servers-are-down

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 706 781 4550 4600 3628 13559