Microsoft announced today that it has destroyed the Trickbot botnet, one of the world’s most notorious botnets for spreading ransomware. Trickbot has infected more than 1 million devices since the end of 2016. Microsoft has teamed up with network operators around the world to take down Trickbot’s critical infrastructure so that malware operators can no longer use it to distribute malware or ransomware.
Trickbot is not a simple malware that can be detected by any free anti-virus software and evolves among affected devices.
Trickbot is a multi-stage malware that typically consists of a shell, a loader, and a main malware module. The shell uses multiple changing templates designed to evade detection by producing unique samples, even if the primary malware code remains the same.
To learn more about ransomware and botnets, you can find out more in Microsoft’s related blog: