Microsoft took action to disrupt a botnet called Trickbot, one of the world's most infamous botnets and prolific distributors of ransomware.
As the United States government and independent experts have warned, ransomware is one of the largest threats to the upcoming elections. Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust.
Microsoft disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world. The company has cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.
In addition to protecting election infrastructure from ransomware attacks, the action will protect a wide range of organizations including financial services institutions, government agencies, healthcare facilities, businesses and universities from the various malware infections Trickbot enabled.
To read more about Microsoft's action against Trickbot and ransomware, visit Microsoft on the Issues.
