🏄 Grow your portfolio even on vacation with InvestingPro | Summer Sale 50% OFFCLAIM SALE

Microsoft disables most of cybercriminals' control over massive computer network

Published 2020-10-20, 02:37 p/m
Updated 2020-10-20, 02:48 p/m
© Reuters. FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Microsoft logo in this picture illustration

© Reuters. FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Microsoft logo in this picture illustration

By Joseph Menn

SAN FRANCISCO (Reuters) - Microsoft Corp (O:MSFT) said on Tuesday it had disabled more than 90% of the machines used by a gang of Russian-speaking cyber criminals to control a massive network of computers with a potential to disrupt the U.S. election.

Aided by a series of U.S. court orders and relationships with technology providers in other countries, Microsoft said it its weeklong campaign against the gang running the Trickbot network was heading off a possible source of disruption to the Nov. 3 U.S. vote.

"We've taken down most of their infrastructure," corporate Vice President Tom Burt said in an interview. "Their ability to go and infect targets has been significantly reduced."

The criminals in charge of Trickbot have infected more than 1 million personal computers, including many inside local governments, according to cybersecurity professionals. They then make deals with other gangs to install ransomware and other malicious programs on the infected machines, security professionals say.

Although there is no evidence that the gang has worked with foreign governments, Burt said he wanted to disrupt Trickbot before the election in case Russian agencies attempted to use it to interfere with voting or cast doubt on the results by manipulating data.

Some security experts who had seen little impact from Microsoft's initial efforts to combat Trickbot said this week that new control servers being brought online by the gang were getting cut off, making it harder for the group to install new programs on infected computers.

3rd party Ad. Not an offer or recommendation by Investing.com. See disclosure here or remove ads.

"Disruption operations against Trickbot are currently global in nature and have had success against Trickbot infrastructure," said Intel (NASDAQ:INTC) 471 Chief Executive Mark Arena. "Regardless, there still is a small number of working controllers based in Brazil, Colombia, Indonesia and Kyrgyzstan that still are able to respond."

The Trickbot gang is now asking other malware groups to install its software, Arena and others said, and it is expected to rebuild its infrastructure in other ways.

© Reuters. FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Microsoft logo in this picture illustration

Burt said such efforts to adapt would at least distract the gang from bringing chaos to voting or other local government activity if it had been so inclined.

Is INTC truely undervalued?

With INTC making headlines, investors are asking: Is it truly valued fairly? InvestingPro's advanced AI algorithms have analyzed INTC alongside thousands of other stocks to uncover hidden gems with massive upside. And guess what? INTC wasn't at the top of the list.

Unlock ProPicks AI

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2025 - Fusion Media Limited. All Rights Reserved.