Tag: takedown

12
Oct
2020
Posted in technology

Microsoft attempts takedown of global criminal botnet

Microsoft announced legal action Monday seeking to disrupt a major cybercrime digital network that uses more than 1 million zombie computers to loot bank accounts and spread ransomware, which experts consider a major threat to the U.S. presidential election.

The operation to knock offline command-and-control servers for a global botnet that uses an infrastructure known as Trickbot to infect computers with malware was initiated with a court order that Microsoft obtained in Virginia federal court on Oct. 6. Microsoft argued that the crime network is abusing its trademark.

“It is very hard to tell how effective it will be but we are confident it will have a very long-lasting effect,” said Jean-Ian Boutin, head of threat research at ESET, one of several cybersecurity firms that partnered with Microsoft to map the command-and-control servers. “We’re sure that they are going to notice and it will be hard for them to get back to the state that the botnet was in.”

Cybersecurity experts said that Microsoft’s use of a U.S. court order to persuade internet providers to take down the botnet servers is laudable. But they add that it’s not apt to be successful because too many won’t comply and because Trickbot’s operators have a decentralized fall-back system and employ encrypted routing.

Paul Vixie of Farsight Security said via email “experience tells me it won’t scale — there are too many IP’s behind uncooperative national borders.” And the cybersecurity firm Intel 471 reported no significant hit on Trickbot operations Monday and predicted ”little medium- to long-term impact” in a report shared with The Associated Press.

But ransomware expert Brett Callow of the cybersecurity firm Emsisoft said that a temporary Trickbot disruption could, at least during the election, limit attacks and prevent the activation of ransomware on systems already infected.

The announcement follows

03
Oct
2020
Posted in technology

QAnon still rampant on Twitter despite July takedown

In its broad strokes, these findings do not deviate significantly from Twitter’s public portrayals of the effects of its move against QAnon, which came after more than 2 1/2 years of mounting evidence about the hateful, violent nature of the conspiracy theory and its penchant for sparking real-world crimes. The House of Representatives voted Friday to condemn QAnon.

Twitter has said it sought to eliminate accounts committing violations against its rules on harassment, hate speech and incitement to violence but also wanted to allow QAnon supporters to continue operating on the platform — albeit with new restrictions — so long as they followed platform policies. Overall, the company says its action caused discussion of the conspiracy theory to fall by more than half.

The researchers, however, found troubling evidence that Twitter has not yet done enough and that the conspiracy theory continues to “persist and expand” on the site, said Daniel J. Jones, a former F.B.I. analyst and Senate investigator who lead the review of the CIA’s torture program, now president of Advance Democracy.

Some of the surviving accounts have more than 100,000 followers each and and have worked to co-opt hashtags not previously affiliated with the movement, including #savethechildren and #inittogether, which started as a call for unity in facing the covid-19 pandemic before being adopted by QAnon supporters, the report found. Followers of the conspiracy theory have consistently downplayed the public health crisis and spread disinformation about its origins, potential remedies and the likely safety risks of a future vaccine against it.

“The QAnon ideology undermines trust in public institutions and sows societal divisions through hate speech and the spread of unfounded conspiracy theories,” said Jones. “Addressing this threat is going to require more robust action by the social media platforms, but more importantly, it’s going to require