Microsoft Targets Malware Vendor Trickbot Amid US Election Fears

United States Cyber Command also targeted the group amid fears hackers could use malware to upend the November 3 vote.

By Agence France-Presse | Updated: 13 October 2020 11:00 IST

Microsoft's VP said that Trickbot distributed ransomware that would allow hackers to infect a computer

Highlights

Trickbot infected more than a million devices worldwide since late 2016
Trickbot infected computers via malicious link related to COVID-19 or BLM
It's unclear who is behind Trickbot, experts say involved speak Russian

Microsoft said Monday it had taken down malware vendor Trickbot in an effort to thwart attempts to meddle with the upcoming US presidential election.

The tech giant's announcement came as The New York Times reported United States Cyber Command also targeted the group amid fears hackers could use malware to upend the November 3 vote, in which President Donald Trump seeks a second term against challenger Joe Biden.

"We disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world," said Tom Burt, Microsoft's vice president for customer security and trust.

Microsoft Denies US Suggestion Its Diversity Plan Discriminates by Race

Burt said Trickbot distributed ransomware, a type of malware that would allow hackers to infect a computer and then take control of it at an opportune time.

"We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems," he said.

"Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimised to sow chaos and distrust."

Trickbot has infected more than a million devices worldwide since late 2016 and could provide hackers access to machines including routers, Burt said, adding that "research suggests they serve both nation-states and criminal networks for a variety of objectives."

The group infected computers via malicious documents or links related to news topics such as COVID-19 or the Black Lives Matter movement, Burt said.

It was unclear who was behind Trickbot, but industry experts say those involved speak Russian. US intelligence agencies concluded Russia interfered in the 2016 election to aid Trump's successful bid for office.

Flipkart, Amazon have excellent iPhone 11, Galaxy S20+ sale offers, but will they have enough stock? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.