An alliance of technology companies announced on Monday that it had orchestrated a takedown of the TrickBot malware botnet.
The organizations that took part in the takedown included Microsoft’s Defender team, FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, and Broadcom’s cyber-security division Symantec.
The takedown was preceded by investigations from all members into TrickBot’s backend infrastructure of servers and malware modules.
Microsoft, ESET, Symantec, and partners spent months collecting thousands of TrickBot malware samples, examining their contents, and extracting and mapping information about the malware’s inner workings.
With this information in hand, Microsoft went to court this month and asked a judge to grant it control over TrickBot servers.
In a press release, Microsoft said: “With this evidence, the court granted approval for Microsoft and our partners to disable the IP addresses, render the content stored on the command and control servers inaccessible, suspend all services to the botnet operators, and block any effort by the TrickBot operators to purchase or lease additional servers.”
Efforts are now being made around the world to inform all infected users.
According to the alliance’s members, the TrickBot botnet had infected more than one million computers at the time of its takedown. Some of these infected systems were Internet of Things (IoT) devices.
This is the second major malware botnet to be taken down this year, after Necurs in March. However, the success of this takedown is yet to be determined.