Trickbot resurrects to infect 1.4 mn machines, 16 months after Microsoft disabled 90% of its infrastructure

An evasive Trojan called Trickbot has managed to infect more than 1.4 million machines since late 2020. Ironically, Microsoft had announced in October 2020 that it had disabled 90% of the Trojan’s infrastructure, well looks like the hackers just needed 10% if its infrastructure to infect more than 1.4 million systems.

A report published by CheckPoint revealed that the Trojan was back with a vengeance. Ever since it was first reported in 2016, the Trojan has since taken forms as a botnet, ransomware and malware.   

The Checkpoint report studied attacks by the Trojan from a month after Microsoft reported that it had disabled 90% of the Trojan’s infrastructure.     

“As of October 18, we’ve worked with partners around the world to eliminate 94% of Trickbot’s critical operational infrastructure, including both the command-and-control servers in use at the time our action began and new infrastructure Trickbot has attempted to bring online,” wrote Tom Burt, Microsoft’s corporate vice president for customer security and trust, in a blog post.   

Also read: Half of investigated incidents in 2021 connected to ransomware: Kaspersky

The victims of Trickbot spanned across 60 organisations, in a list that includes high profile names such as Amazon, Microsoft, American Express, PayPal and the likes. Overall, one out of every 45 companies have been affected by Trickbot, claimed CheckPoint.   

However, dark web security channel, HoldSecurity, tweeted on February 11, claiming that the Trickbot gang has lost its key members over the past 24 hours.   

“Looks like Russian government actions are driving ransomware gangs to close their doors. Hopefully this is going to be it for the one of most notorious ransomware gangs of our time,” HoldSecurity tweeted.    

“We can definitely see a decline in Trickbot campaign activity over the last couple months, we can confirm that,” said Alexander Chailytko, cybersecurity, research and innovation manager at CheckPoint.