Microsoft disrupts hacking operation that threatens US election

[Sylence]

Microsoft disrupts hacking operation that threatens US election

 

Ransomware presents a significant threat to elections, and Microsoft is working to disrupt a major malware network.

 

 

 

 

Microsoft and several organizations worked together to stop a hacking operation that could potentially threaten the upcoming U.S. election if left unchecked (via CNN). Microsoft's efforts disrupt a botnet known as Trickbot, which is a dangerous botnet that is utilized by criminals to distribute ransomware.

 

Microsoft highlights in a blog post that experts believe ransomware is one of the largest threats to the upcoming U.S. elections. Ransomware can be used to lock computer systems used as part of the election, such as devices that maintain voter rolls or systems that report election results.

 

To disrupt Trickbot, Microsoft received a federal court order that allowed the company to disable IP addresses associated with Trickbot's services. Microsoft worked with telecommunication partners around the world to execute its plans. Microsoft's actions happen alongside efforts by US Cyber Command to disrupt cyber criminals, as explained by the Washington Post.

 

Microsoft analyzed approximately 61,000 samples of Trickbot malware during its investigation. Trickbot provides "malware-as-a-service," which means that the people behind Trickbot can provide people access to infected machines. This allows people to deliver malware, including ransomware, to infected devices. In addition to infecting PCs, Trickbot has also infected IoT devices.

 

"We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems," explains Microsoft corporate vice president Tom Burt.

 

These efforts represent a "new legal approach," according to Microsoft. The company also notes that criminals will likely be able to adapt and find new ways to proceed with plans. The new approach could then be used to help fight against adapted attacks going forward.

Burt explains in Microsoft's blog post,

Quote

We fully anticipate Trickbot's operators will make efforts to revive their operations, and we will work with our partners to monitor their activities and take additional legal and technical steps to stop them.

 

 

Disrupting Trickbot will also help protect financial services institutions, government agencies, healthcare facilities, businesses, and universities from malware attacks that are enabled by Trickbot.

 

 

Windows Central

 

[steven36]

They didn't make the internet  no safer by doing this . The makers of Trickbot still have  all that data  they stole  and  are already rebuilding  there botnet .  And there  ransomware campaign is business   as usual . All this done was fix it were there going charge  more to  unencrypt  there   ransomware to pay for the downtime .  They Government knew this it was only meant to disrupt them tell  the elections  was over .

Source:

Only  thing new I learned  today was  Microsoft helped  but this tells me what i already knew since  2013  that Big Tech is in bed  with the Government.  Also Since  the Botnet was on windows it was in there best interest to help .Even if it only stops it for a little while. this not the only thing happen  the Government also got a bunch of sites  closed  down that were spreading disinformation . But i dont post  the article to try to keep  the peace .💀

[mp68terr]

Quote

Disrupting Trickbot will also help protect financial services institutions, government agencies, healthcare facilities, businesses, and universities from malware attacks that are enabled by Trickbot.

This would be a better help than focusing solely on the election.

Hackers are hacking because it is hackable. It is more difficult to hack the low tech paper+manual-counting way.

[steven36]

52 minutes ago, mp68terr said:

This would be a better help than focusing solely on the election.

Hackers are hacking because it is hackable. It is more difficult to hack the low tech paper+manual-counting way.

No  forcing  Windows servers  and the PCs offline that host botnets tell they patch would  be the only way because  the same botnet or another one is going  to infect  them.

 

Tanking a  Botnet offline has never been effective  the main problem  is people not doing updates  the Government  and M$  needs  to disrupt them instead. 

[Sylence]

This made election safer for sure

[steven36]

The  Microsoft  attacks  has nothing to do with  the election   or did  they help  Cyber Command  these were different attacks  Microsoft  attacked them over  misleading there customers because they use Microsoft  trademarks  in there malware tricks.  The OP used CNN  News  as a source   they post fake political news .

 

Source:

 

[Sylence]

Microsoft has done more for security than any other company to be honest. buying fake domains, bumping up security, they are leading.  

[steven36]

They  have no authority to do anything  without  a court approving it and the court order has no jurisdiction outside the USA .   that why taking a botnet  that has endpoints in 20 countries will never work  they have endpoints in places were the USA  has blacklisted  . Also say If  it's a botnet  effecting windows   but  they used  Facebook Trademark  or some other product  the court would never approve it.  FYI  this was not just a Microsoft  Effort  . It was  a Group  effort  they used  data and insights a global network of partners including FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT and Symantec, a division of Broadcom, in addition to Microsoft Defender team. In other News  you see ESET  taking the credit and in the spotlight .Without  all these other players and  corporation form service providers in other  USA  friendly countries and a court order it would never been possible  .   The OP  is based  on PR  . It was Microsoft and Other Tech Companies  tired  to take down TrickBot  they still have endpoints online.

 

They not like US Cyber Patrol  ,CIA  and NSA  that hack at random  and the only way you find out if  it leaks out., most leaks are done just to send out a warning  that this is just a small dose of what we can do if you don't back off.  Everything M$ do is done trough the courts and is matter of public record .There legally responsible . If the goverment  does  something  and if it ever sees a courtroom  the NSA  will just cover it up . they attack  and deal with the redtape latter. 

 

Microsoft  is just a private company with a public IPO.  most of there money is not even made from M$  Defender or even Windows anymore. Most of there money is made from stocks they have to convince Wallstreet  that there shares are worth buying everyday . Taking down botnets  is just good PR  to sell stocks. if there investors sell  them off  then  the vaule of the company drops  and the Acting CEO  holds very little stock compared  to the others.

 

The Vanguard Group an American registered investment advisor based in Malvern, Pennsylvana is the top  owner of Microsoft Corp. Microsoft  is IPO  it belongs  to investors it dont belong to Microsoft really anymore they have lots of owners  . Bill Gates  only owns like 1% of Microsoft now. He owns  more  in Apple  now than M$... Bill Gates owns 2.25 %  of Apple as well! He has more stock in Apple and Amazon than in his own Microsoft. So that should tell you something  even there founder  think its going to crash.

 

Quote

Microsoft is a diverse business that allows investors to gain exposure to a wide array of compelling technology trends. Indeed, Microsoft allows investors to participate in the stabilization of the PC market, the continued secular growth in gaming, the booming cloud computing market, and the ongoing need for productivity software. Oh, and if you were a fan of LinkedIn before it was acquired by Microsoft, owning Microsoft shares get you exposure to that business, too. 

Microsoft  is many things  and how much there worth depends  on the day and how there stock is doing . Everything they do has to  be approved by investors (Stock Holders ) One slip up , bad investment  or scandal they could lose billions with the stock market it's like  gambling  your fate depends on the luck of the cards . The CEO job is to make sure  this dont happen  and the one they have now does a better job  than  other Big Tech Outfits. People  who just  invested $ 5 thousand dollars  when M$  went IPO in 1986  it''s worth   $10,592,104  over  10 Million.

 

 Microsoft pioneered the botnet take down in 2010 so this is not new for them  here it is 10 years latter and botnets are more profitable than ever just Trickbot targets Microsoft as a  company they not only use M$ trademark  to serve you ransomware they make exploits  that  bypass and  shut down Windows Defender.   That the only reason VA  gave them a court  order  .

 

 

This a classic  example  of Attempting to drain the lake, rather than fixing the hole in the boat.

[Sylence]

oh also fighting with phishing emails through Outlook. damn you don't believe how many phishing emails are out there and people never pay attention to the sender address. they see something about paypal, they click on it thinking its legit but its actually sent from an address like [email protected]

 

that's where Microsoft Outlook phishing protection also comes to play. so overall in all fronts it's great.