A week ago, Microsoft announced that it was cracking down on the trickbot botnet by cooperating with several network security companies and telecom companies, following the executive order of the U.S. court. Today, Microsoft disclosed more details of the campaign and outlined its next action plan. In an official blog post, Microsoft wrote that as of October 18, it had destroyed 94% of the critical operational infrastructure of the trickbot botnet. Of the 69 major trickbot servers identified so far, 62 have been shut down. < / P > < p > however, in the course of the crackdown, malicious actors operating the botnet are still adding new infrastructure. Microsoft said the culprits installed 59 new servers, and it has now disabled all of them, shutting down 120 of the 128 servers. < p > < p > Microsoft said that the company actively responded to and participated in the event, but it was also a very difficult process because the other side was also taking actions to defend itself. At present, the company does have three main gains: < / P > < p > the first and most important thing is that it was ordered by the court a few days ago to ban trickbot Since the core infrastructure, Microsoft has obtained several other court orders to ensure that other components of the architecture can be removed in a legal manner, and will continue to adopt a high-pressure policy during the U.S. presidential election on November 3. < / P > < p > it has also been working with its global partners and hosting providers, who share critical information about botnets to discover new command and control servers and compromised IOT devices. The company will continue to work with ISPs to ensure that damaged equipment in homes and businesses is repaired without further harm. < / P > < p > Second, Microsoft has noticed that people who operate trickbot have been scrambling to build new infrastructure and work with other criminals to deploy malicious payloads. Although this is not as dangerous as the native functionality of trickbot, it can still be vigilant. The company said the aim of the operation was always to disrupt the botnet during the peak election campaign, so the fact that operators had to turn their attention elsewhere must have been positive for the success of the operation. < / P > < p > finally, Microsoft said its digital crime division had a deep understanding of trickbot and had established direct contacts with local ISPs, telecommunications companies and global partners who were monitoring and sharing information about the activities of trickbot 24 / 7. Apple extends AppleCare + purchase period: users can decide within 60 days

By ibmwl