For the last four years, Microsoft has been combating the actions of an infamous botnet called Trickbot, one of the world's leading distributors of ransomware. Unlike the usual public match gaming bots, botnets are networks of computers infected with evasive malware by cybercriminals typically for monetary gain. Microsoft has been part of a united effort with global telecommunication providers to combat and disable the botnet's malware, especially with the upcoming American elections.

Trickbot is a botnet devised by criminal hackers to distribute ransomware, a malicious type of malware that effectively holds a person's stored files hostage for a limited time in exchange for Bitcoin or lose it all for good. This type of malware has the capacity to constantly evolve, evade detection, and infect systems with a "malware-as-a-service" model. Cybercriminals even used ransomware to force gamers to play PUBG and other games. Allowing Trickbot's operators to provide their customers access to the infected machine and either steal financial login information or deliver more malware through spear and phishing campaigns.

RELATED: PUBG Update Changes Bot Frequency

The bonnet's malware has infected many computers, laptops, wireless routers, and other devices found in everyday households and has proven to be dangerous to both public and private institutions, but Microsoft has been on the case. Ever since the company became aware of the botnet in 2016, it has been spearheading the charge to disrupt Trickbot's activities. With an official court order from the United States District Court for Eastern Virginia and partnership with various industry telecommunication providers, Microsoft has been disabling Trickbot's ransomware wherever possible.

video game malware

The investigation allowed the company to observe and research the botnet's malware patterns of movement, manner of infection, and communication until it led them to their server IP addresses that were promptly shutdown. Microsoft even uses official copyright claims on it own software code and developed other legal strategies to protect customers from the botnet's malware and work with internet providers to compensate victims. This has allowed Microsoft to disrupt Trickbot's operations, locate several hundred Trickbot servers, and halt its progress.

So far, the company's coordinated actions have discovered and shutdown much of the botnet's key infrastructure. According to Microsoft's research, the identity of the operators of Trickbot is currently unknown but their actions have profited private nation-states and criminal networks using the information. This also includes voter information, poll results, and even their email accounts. Which is why the company has doubled its efforts recently because of the danger the botnet poses to voters and the potential tampering of election results.

The company explained that ransomware has been on the rise in recent years and has taken more precautionary measures against malware from the predatory botnet as well as others. Microsoft continues to provide technical security against further data breaches and protection from harmful sources of malware like Trickbot.

MORE: Gears 5 Reveals Massive Xbox Series X Update Coming Later This Year

Source: Microsoft