We have updated our Privacy Policy and Terms of Use for Eurasia Group and its affiliates, including GZERO Media, to clarify the types of data we collect, how we collect it, how we use data and with whom we share data. By using our website you consent to our Terms and Conditions and Privacy Policy, including the transfer of your personal data to the United States from your country of residence, and our use of cookies described in our Cookie Policy.
Microsoft took action to disrupt a botnet called Trickbot, one of the world's most infamous botnets and prolific distributors of ransomware.
As the United States government and independent experts have warned, ransomware is one of the largest threats to the upcoming elections. Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust.
Microsoft disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world. The company has cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.
In addition to protecting election infrastructure from ransomware attacks, the action will protect a wide range of organizations including financial services institutions, government agencies, healthcare facilities, businesses and universities from the various malware infections Trickbot enabled.
To read more about Microsoft's action against Trickbot and ransomware, visit Microsoft on the Issues.
