
Court orders seizure of ransomware botnet controls as U.S. election nears

by Reuters
12 October 2020
A person casts a ballot for the upcoming presidential election during early voting in Sumter, South Carolina, U.S., October 9, 2020. REUTERS/Micah Green


Microsoft said Monday it had used a court order to take control of computers that were installing ransomware and other malicious software on local government networks and threatening to disrupt the November election.

The maker of the Windows operating system said it seized a series of internet protocol addresses hosted by U.S. companies that had been directing activity on computers infected with Trickbot, one of the most common pieces of malware in the world.

More than a million computers have been infected with Trickbot, and the operators use the software to install more pernicious programs, including ransomware, for both criminal groups and national governments that pay for the access, researchers said.

Trickbot has shown up in a number of public governments, which could be hurt worse if the operators encrypt files or install programs that interfere with voter registration records or the display and public reporting of election results, Microsoft said.

“Ransomware is one of the largest threats to the upcoming election,” said Microsoft Corporate Vice President Tom Burt. Among other programs, Trickbot has been used to deliver Ryuk ransomware, which has been blamed in attacks on the city of Durham, N.C., and hospitals during the COVID-19 pandemic. 

Microsoft worked with Broadcom’s Symantec, security firm ESET and other companies to dissect Trickbot installations and trace them to the command addresses, the companies said. Microsoft for the first time used strict provisions in copyright law to convince a federal judge in the Eastern District of Virginia that since Trickbot used Microsoft code, the company should be able to seize the operator’s infrastructure from their unknowing hosting providers.

The Microsoft store is pictured in the Manhattan borough of New York City, New York, U.S., June 26, 2020. REUTERS/Carlo Allegri

The seizure follows mechanical attempts to disrupt Trickbot last week by sending the operators bad information, researchers said. The Washington Post reported that U.S. Cyber Command was behind that effort, also aimed at cutting off possible sources of election chaos. Cyber Command did not respond Sunday to a request for comment.

A parallel FBI investigation identified three Eastern Europeans with major roles in the group behind Trickbot, according to one person working with the government in the matter. The person had expected indictments to be unsealed today, but said that step might have been delayed. A Justice Department spokesman did not respond to messages seeking comment over the weekend.

Microsoft said the legal seizures and its deals with telecommunications providers would stop Trickbot from deploying new software or activating pre-installed ransomware.

But Symantec said Trickbot has control points in at least 20 countries, none of which are bound by the U.S. court order.

For that reason, the group running the compromised machines is likely to regroup and may be able to communicate with infected computers in America, if less smoothly than before.

(Reporting by Joseph Menn in San Francisco. Additional reporting by Chris Bing in Washington; editing by Diane Craft)
