Microsoft disrupted one of the world’s most infamous botnets that distribute ransomware

Reading time icon 1 min. read

Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Microsoft Trickbot

Microsoft Trickbot

Microsoft today announced that it disrupted Trickbot botnet, one of the world’s most infamous botnets that distributes ransomware. Trickbot has already infected over a million devices since late 2016. Microsoft worked with network operators around the world to take down the key Trickbot infrastructure so that the malware operators will no longer be able to use this infrastructure to distribute malware or ransomware.

Trickbot is not a simple malware which can be detected by any free anti-virus software, it constantly evolves in the affected device. Trickbot is a multi-stage malware typically composed of a wrapper, a loader, and a main malware module. The wrapper uses multiple templates that constantly change, is designed to evade detection by producing unique samples, even if the main malware code remains the same. You can read about Trickbot in detail here.

Source: Microsoft

More about the topics: microsoft, Trickbot