San Francisco (AFP)
Microsoft said on Monday it had taken action against Trickbot, one of the world's largest malware vendors, in an effort to protect the U.S. election from cyberattacks.
Ill-intentioned actors, whether linked to states or not, "may use ransomware to infect a computer system used to store voter registers or determine results," recalls Tom Burt, vice president of Microsoft, in a press release.
These actors can thus "seize these systems overnight after the vote to sow chaos and undermine confidence."
Many independent and government experts have warned of the danger in the November 3 presidential election posed by this type of invisible infection, until hackers take control, at the worst possible time.
The TrickBot computer robot system, which notably offers to create or host malware for payment, is a particularly secret network which only offers its services to hackers who already have a certain reputation on the internet black market. .
"We have now cut access to key infrastructures so that Trickbot operators can no longer initiate new infections or activate ransomware already present on computers," says Tom Burt.
Microsoft says it has requested and obtained an authorization from the American justice to stop the operations of the powerful network, which has "infected more than a million devices in the world since 2016".
Trickbot is piloted by Russian-speaking cybercriminals, according to industry experts.
The US media recently revealed that a branch of the US military specializing in cybersecurity, US Cyber Command, also attacked Trickbot, in parallel.
Contacted by AFP, this unit declined to comment.
The Trickbot network is able to provide the highest bidder with access to machines (computers, wireless routers, etc.) that it has infected.
Trickbot has used, according to Microsoft, social topics like the Black Lives Matter movement and the Covid-19 pandemic to send spam and messages tricking internet users into clicking on tricked links.
© 2020 AFP