The company, aided by a series of court orders and relations with technology providers in other countries, announced that a week-long campaign against the gang that runs the Trickbot network has eliminated a possible source of vote disruption that will take place on 3 November.
“We have eliminated most of their infrastructure. Their ability to infect targets has been significantly reduced, “said Microsoft Vice President Tom Burt.
Trickbot criminals have infected more than 1 million personal computers, many in local governments, according to cybersecurity professionals. Subsequently, they entered into agreements with other gangs to install ransomware and other malware on infected computers.
Although there is no evidence that the gang was working with foreign governments, Burt said he wanted to dismantle Trickbot before the election, if Russian agents tried to use it to intervene in the voting process or cast doubt on the results. manipulating data.
Some security experts said this week that new servers installed online by the Trickbot tape are excluded by Microsoft, making it harder for the group to install new programs on infected computers.
“Measures against Trickbot are now being taken globally and have been successful against its infrastructure. However, there are still a small number of gang controllers in Brazil, Colombia, Indonesia and Kyrgyzstan who can respond, “said Intel 471 CEO Mark Arena.
The Trickbot gang is currently asking other malware groups to install its software, Arena and others have said, and are expected to rebuild their infrastructure in other ways.
Burt said the adjustment efforts will at least distract the gang from causing chaos in elections and other local government activities.