Microsoft has halted a massive hacking operation that "could have affected the electoral infrastructure had it been allowed to continue," CNN reports. The US IT group said Monday, October 12, that it had dismantled the servers used by Trickbot, a massive network of malware "that criminals were using to launch cyber attacks."
Microsoft said it had obtained authorization from the federal justice to deactivate the IP addresses associated with Trickbot's servers, and to have worked with telecommunications operators around the world “to eradicate the network”, specifies the site of the news channel continues American.
This action coincides with a Pentagon offensive, mentioned by the Washington Post, which aims to disrupt cybercriminals, “at least temporarily”. Microsoft has acknowledged that hackers are "likely to adapt and seek to revive their operations," CNN said. But the company’s efforts reflect a “new legal approach” that may help authorities in the future.
Trickbot allowed hackers to sell a service to other hackers, giving them the ability to inject malware into vulnerable computers or routers.
This includes ransomware (ransomware), which according to Microsoft and the US authorities, could pose a risk "to websites that display election information or to software companies that provide services to election officials," observes the site.
Ransomware, which takes control of target computers and blocks them until victims pay, can be used as part of a cyberattack on "a computer system used to maintain voter lists or communicate election night results, ”said Tom Burt, Microsoft's vice president of security, quoted by CNN.
According to the IT group, Trickbot was used to distribute Ryuk ransomware, which attacks 20 organizations a week and was recently used against Universal Health Services, one of the largest hospital companies in the United States.
Trickbot has reportedly infected "over a million computer devices worldwide since 2016," the site reports.