Microsoft said Monday it had taken down malware vendor Trickbot in an effort to thwart attempts to meddle with the upcoming US presidential election.
The tech giant's announcement came as The New York Times reported United States Cyber Command also targeted the group amid fears hackers could use malware to upend the November 3 vote, in which President Donald Trump seeks a second term against challenger Joe Biden.
"We disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world," said Tom Burt, Microsoft's vice president for customer security and trust.
Burt said Trickbot distributed ransomware, a type of malware that would allow hackers to infect a computer and then take control of it at an opportune time.
"We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems," he said.
"Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimised to sow chaos and distrust."
Trickbot has infected more than a million devices worldwide since late 2016 and could provide hackers access to machines including routers, Burt said, adding that "research suggests they serve both nation-states and criminal networks for a variety of objectives."
It was unclear who was behind Trickbot, but industry experts say those involved speak Russian. US intelligence agencies concluded Russia interfered in the 2016 election to aid Trump's successful bid for office.
Flipkart, Amazon have excellent iPhone 11, Galaxy S20+ sale offers, but will they have enough stock? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.