Microsoft has action taken to take out the botnet Trickbot in the run-up to the US election, the company reports Monday.
IP addresses of Trickbot blocked
The tech giant fears Trickbot is being used to undermine the US election. The risk is not so much with the voting machines themselves, but other parts of the process.
For example, citizens in the United States must first register as voters before they can cast a vote.
For example, the bot network could be used to take voter registration systems offline in the US, preventing citizens from registering on time.
Trickbot is a network of more than a million malware-infected computers and other Internet-connected devices used to attack systems en masse. In recent months, Microsoft was able to find out which servers control these ‘zombie computers’ and went to court to get permission to do something about it.
Microsoft, in collaboration with a number of other tech companies, has blocked the IP addresses of these servers, preventing them from accessing the Internet, and rendering the systems inoperable. The criminals behind the botnet are not permanently disabled because of this, but it takes them time to fully use Trickbot again.
There is no evidence yet that Trickbot was actually used to disrupt the US election. The bot network is ‘rented out’ to customers, who can use it in all kinds of ways. For example, criminals used Trickbot to steal login details at banks or to break into hospital systems.