Microsoft prevents Russian hackers from interfering with US polls infrastructure

*Company says it has cut off key infrastructure, so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems

*Financial institutions, corporations, and consumers to benefit from tech firms’  intervention

Isola Moses | ConsumerConnect

In barely weeks away from the United States Presidential election in November 2020, various reports are already in circulation that a group of tech firms have taken down a significant hacking tool being used by Russian attackers.

Experts say the tool was intended to “sway voter opinions” or “infect computer systems” used to maintain voter rolls. Given a chance to run wild, the tool may have been able to report on election-night results or seize computer systems at a scheduled time to sow havoc and doubt.

It was gathered that leading the charge of the hacker prevention warriors is Microsoft, which announced Monday that it had taken prohibitive actions against Trickbot. Trickbot, already a longtime Microsoft nuisance, is a notorious Russian botnet that’s infected more than a million computers, and has been a leading source behind an endless number of ransomware attacks, according to report.

Tom Burt, Microsoft’s Corporate Vice President, Customer Security & Trust, stated: “We disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world.

“We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.”

Report added that the court granted Microsoft the permission to disable any IP address or server used by Trickbot, as well as block Trickbot’s owners from buying more servers.

On top of Trickbot’s election threat, it’s regarded as a major thorn in the side of financial institutions.

Security researchers as well noted that the malware has previously been able to reach online banking Web sites and steal funds from people, banks, payment processors, and credit unions without a consumer ever knowing what happened.

Burt stated: “People are unaware of Trickbot’s activity as the operators have designed it to hide itself.

“After Trickbot captures login credentials and personal information, operators use that information to access people’s bank accounts.

“People experience a normal login process and are typically unaware of the underlying surveillance and theft.”

Ransomware attacks have been on an upswing over the four years since Trickbot appeared on the scene, targeting everyone from city governments to health care companies like United Health Services and its 400 health care facilities in the US and UK, report added.

Kindly Share This Story