Trickbot, Phishing, Ransomware & Elections
The last few weeks have been rough for the operators of the Trickbot botnet, a malware-as-a-service operation, who are facing coordinated attacks from both the US Cyber Command and Microsoft, with the aid of a number of partners. Trickbot's operators went from successful, with over a million infections, to becoming the target of the US military and major corporations — and Reuters is reporting that indictments resulting from an FBI investigation will be unsealed soon.
This story that has a bit of everything: international intrigue, attacks on healthcare providers, phishing at a vast scale (using topics such as COVID-19 and Black Lives Matter as lures), the Internet of Things, counter-hacking, ransomware, stolen government secrets, novel legal techniques, and even a potential election impact. There is enough here for a techno-thriller.
While Trickbot has taken some hard punches, it's probably not done. Its command and control (C2) servers are...