Metacurity

Share this post

CyberCom Disrupted Trickbot Botnet Ahead of Elections and Amid Growing Ransomware Attacks

metacurity.substack.com

CyberCom Disrupted Trickbot Botnet Ahead of Elections and Amid Growing Ransomware Attacks

But the gang behind the malware still appears to be up to its old tricks...

Cynthia Brumfield
Oct 10, 2020
∙ Paid
1
Share
Share this post

CyberCom Disrupted Trickbot Botnet Ahead of Elections and Amid Growing Ransomware Attacks

metacurity.substack.com

Through Cyber Command (CyberCom), the U.S. government has mounted an operation to disrupt the Trickbot botnet, the world’s largest botnet, which is run by Russian-speaking criminals who have hijacked millions of computers to engage in malfeasance, including ransomware attacks, according to officials who spoke to the Washington Post’s Ellen Nakashima. The operation isn’t expected to scuttle Trickbot permanently but is part of what the head of Cyber Command Paul Nakasone calls “persistent engagement” to force adversaries to engage constantly.

Cybersecurity journalist Brian Krebs first reported on the Trickbot operation last week without identifying Cyber Command as the disruptor. Citing research conducted by cyber intelligence firm Intel 471, Krebs noted that someone was messing around with the botnet, launching two attacks against Trickbot and pushing new configuration files that told the infected hosts their new malware control server had the address 127.0.0.1, which is a “local…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing