Trickbot—the for-hire botnet Microsoft attacked—is scrambling to stay alive
Operators of Trickbot—a for-hire botnet that has infected more than 1 million devices since 2016—are looking for new ways to stay afloat after Microsoft and a host of industry partners took coordinated action to disrupt it last week.
In an update published on Tuesday, Microsoft Corporate VP for Security & Trust Tom Burt said the operation initially managed to take down 62 of the 69 servers Trickbot was known to be using to control its vast network of infected devices. Trickbot operators responded by quickly spinning up 59 new servers, and Microsoft was able to eliminate all of them except for one.
In all, the industrywide operation has taken down 120 of 128 servers identified as belonging to Trickbot. Now, Trickbot is responding by using a competing criminal group to distribute the Trickbot malware.