Microsoft has been attacking a major malware botnet and is winning
Operational since late 2016, Trickbot is now 94 percent disabled as a result of a recent offensive effort by Microsoft.
As part of a coordinated effort that began around a week and a half ago, Microsoft and its partners have almost completely disabled an elusive botnet that has infected over a million computing devices since late 2016.
Called Trickbot, it is run by criminals and has been used to conduct a "wide range of nefarious activity," including the spread of ransomware, a type of malware that effectively prevents a victim from accessing their files by encrypting their data. The only way to unlock the files is with a decryption key. Typically what happens is the malware author demands a ransom, oftentimes in Bitcoin, in exchange for unlocking a victim's files. In some cases, there is a time limit to pay up, or else the data is permanently deleted.
"Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust," Microsoft explained earlier this week.
Microsoft obtained a court order to coordinate its efforts with telecommunication providers around the globe. According to Microsoft, Trickbot is particularly dangerous because its modular makeup allows it to constantly evolve, making detection and removal more difficult than static malware.
In the past four years, Trickbot has infected computers and IoT devices, including wireless routers. In addition to doling out ransomware, which in one instance crippled the IT network of a hospital in Germany, Trickbot has been used to hijack web browsers to swipe login information for banking sites, and to conduct spam and spear phishing campaigns.
Microsoft said it initially discovered 69 servers that were core to Trickbot's various operations. In a short span, it has knocked 62 of them offline.
"The seven remaining servers are not traditional command-and-control servers but rather internet of things (IoT) devices Trickbot infected and was using as part of its server infrastructure; these are in the process of being disabled. As expected, the criminals operating Trickbot scrambled to replace the infrastructure we initially disabled," Microsoft states in a new blog post.
Through ongoing tracking, Microsoft discovered 59 additional servers that Trickbot's operators attempted to add into the mix, and subsequently disabled 58 of them. So in total, Microsoft has killed 120 of the 128 Trickbot servers it has discovered.
This is an ongoing offensive, and Microsoft says the numbers will inevitably change. "This is challenging work, and there is not always a straight line to success," the company says. However, it has made a huge dent in Trickbot's operations and is optimistic it will stay ahead of things.
Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).


