[HN Gopher] Microsoft Uses Trademark Law to Disrupt Trickbot Botnet
___________________________________________________________________
Microsoft Uses Trademark Law to Disrupt Trickbot Botnet
Author : todsacerdoti
Score : 125 points
Date : 2020-10-12 13:09 UTC (9 hours ago)
(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)
| skywhopper wrote:
| I can't tell what actually happened from this article. Were
| physical servers seized? I'm not sure I understand how trademark
| law would enable that versus just criminal prosecution.
| unnouinceput wrote:
| My understating is that Microsoft only attacked and seized
| their domains. I don't think they actually have remote control
| over the servers, end even if they have the owners could simply
| just wipe and reinstall. And since these servers are physically
| located in countries like Russia or China I doubt Microsoft has
| the capability to do a physical sizing even if they wanted to.
|
| That being said and given the power corporations are gaining
| year by year it will not be long before Microsoft will file to
| have their own SWAT team to physically size or destroy
| computers and/or crackers.
| gowld wrote:
| Only the DNS root operators can seize domains. They did do
| pursuant to a US court order.
| ryanlol wrote:
| DNS root operators can only seize TLDs, not regular domain
| names.
| kalium-xyz wrote:
| DNS root, TLD operators, and registers.
| tialaramex wrote:
| Registries and registrars.
|
| The registry is a single entity that decides which names
| exist under a particular domain hierarchy, providing this
| capability might be contracted out to somebody else to do
| on behalf of the "real" owners of that domain for example
| the COM domain registry is operated by Verisign under
| contract.
|
| One or more Registrars provide (mostly sell) the service
| of managing entries in that registry. For all the popular
| commercial TLDs there are multiple commercial registrars.
| The registrars have to abide by rules set by the registry
| (since if they did not the registry can just stop them
| providing any services) even if they are not under the
| same legal jurisdiction as the registry.
|
| For the gTLDs the rules for this playing field are set by
| ICANN. It would like these rules to apply everywhere, but
| the ccTLDs are assigned to sovereign entities, and like a
| two year old, sovereign entities do not take kindly to
| being told what to do.
| bluesign wrote:
| I think not servers but IPs are seized (basically blocked).
| cptskippy wrote:
| > A court in Virginia granted Microsoft control over many
| Internet servers Trickbot uses to plunder infected systems,
| based on novel claims that the crime machine abused the
| software giant's trademarks.
|
| > "Users subject to the negative effects of these malicious
| applications incorrectly believe that Microsoft and Windows are
| the source of their computing device problems. There is great
| risk that users may attribute this problem to Microsoft and
| associate these problems with Microsoft's Windows products,
| thereby diluting and tarnishing the value of the Microsoft and
| Windows trademarks and brands."
|
| > Microsoft said it will leverage the seized Trickbot servers
| to identify and assist Windows users impacted by the Trickbot
| malware in cleaning the malware off of their systems.
|
| > But so far it's not clear whether Microsoft succeeded in
| commandeering all of Trickbot's control servers, or when
| exactly the coordinated seizure of those servers occurred.
| skywhopper wrote:
| Yes, I read the article. Your quotes do not answer my
| question.
| cptskippy wrote:
| The article says it's not clear if it's happened or how.
|
| Just because a court rules in one party's favor doesn't
| necessarily mean it applies outside of the jurisdiction of
| the court.
|
| That being said if they were working in coordination with
| law enforcement then the servers could have at least been
| secured in a relatively short period of time.
| SoSoRoCoCo wrote:
| "A court in Virginia granted Microsoft control over many
| Internet servers "
|
| I'm waiting to hear the answer too. This sentence seems to be
| missing context in the rest of the article.
| Nextgrid wrote:
| This could set a potentially dangerous legal precedent. Microsoft
| are arguing that the malware operation damages Microsoft's brand,
| instead of putting the fault onto themselves for making
| vulnerable software.
|
| The malware operation should absolutely be shut down, but other
| laws (that we have - the CFAA would apply) should be used to do
| so.
|
| Otherwise any other manufacturer of defective products can argue
| that someone else (potentially unintentionally) is damaging their
| brand by triggering a flaw in the product instead of fixing their
| product. Imagine a car manufacturer whose cars fall apart due to
| minor irregularities in the road suing the city for not making
| the roads smooth enough instead of producing better cars that are
| immune to this problem.
| muststopmyths wrote:
| Even more interesting (to me anyway), wouldn't the same
| reasoning also apply to jailbreaking and reverse-engineering
| devices ?
|
| In those cases as well the behavior of the system is being
| altered while retaining the original branding.
| cptskippy wrote:
| > This could set a potentially dangerous legal precedent.
| Microsoft are arguing that the malware operation damages
| Microsoft's brand, instead of putting the fault onto themselves
| for making vulnerable software.
|
| I don't think this sets an precedent. Think about it in terms
| of physical security, a thief's ability to circumvent poor or
| no security doesn't preclude them from liability for their
| crimes.
|
| The court has seized their assets and given them to Microsoft
| so that Microsoft can repair the damage they've done both to
| Microsoft and to it's customers.
| ffhhj wrote:
| Then Microsoft will use a fraction of those assets to pay bug
| bounties.
| acomjean wrote:
| Well let the operators of the botnet complain to the courts
| about Microsofts actions in court.
|
| The defendants aren't going to show, so its an easy win for
| microsoft.
| rlpb wrote:
| > This could set a potentially dangerous legal precedent.
| Microsoft are arguing that the malware operation damages
| Microsoft's brand, instead of putting the fault onto themselves
| for making vulnerable software.
|
| I think both can be true. Even if you think Microsoft should be
| held legally culpable for making vulnerable software, I don't
| think that should be a "get out of jail free" card for someone
| exploiting it.
|
| I therefore don't see how agreeing that Microsoft is being
| harmed by malware authors could possibly result in a legal
| precedent exonerating them from legal liability over vulnerable
| software. Courts consider what is presented to them and their
| rulings tend to be narrow.
| Nextgrid wrote:
| To be clear, I am absolutely not arguing that malware authors
| should get impunity - we have other laws such as the CFAA
| that should be used to punish this activity.
|
| I am also not saying that software developers should
| automatically be liable for bugs or security vulnerabilities
| in their products.
|
| My concern is that such a precedent would then allow software
| developers to sue on brand damage grounds even in non-
| malicious cases such as merely documenting an exploit or
| publishing a proof of concept (designed to test the
| vulnerability on your own infrastructure), in which case even
| "mens rea" would not apply since technically
| documentation/PoC code is _intended_ to let others know about
| the vulnerability (so they can protect themselves, but that
| does technically damage the brand, although rightfully in
| this case).
| kenjackson wrote:
| I'd expect this to be narrowly interpreted. I don't think
| any precedent would extend the ways you suggest.
| kube-system wrote:
| This is not a new precedent, it is exactly what trademark law
| was intended to do. Trademark law is ultimately a consumer
| protection, designed to protect the public from fraudulent
| misrepresentation.
| brlewis wrote:
| Trademark law says you can't mislead consumers into thinking
| your thing is the trademark owner's thing. Malware fits this
| perfectly. There's no new precedent here, dangerous or
| otherwise.
|
| The car manufacturer / road irregularity analogy does not fit.
| elmo2you wrote:
| > Trademark law says you can't mislead consumers into
| thinking your thing is the trademark owner's thing.
|
| So, where did you get that these infected machines became a
| "your thing" and no longer are just Windows (albeit
| infected/altered)? I don't see the (legal) basis for calling
| these infected systems no longer Windows systems. If they're
| still Windows systems, this whole Trademark trick goes pretty
| much straight out of the window (no pun intended) for that
| reason alone.
|
| > There's no new precedent here
|
| Unless I'm reading it wrong, Microsoft essentially got itself
| a verdict that says that something that harms the reputation
| of their OS actually violates the trademark of that OS. As if
| their OS getting infected (rather easily) in the first place,
| isn't enough of a valid reason for a bad reputation.
|
| Just forget for now, about how this also totally ignores that
| Microsoft probably deserved to have been sued out of
| existence a long time ago, for (deliberate!) not doing what
| it could to keep their OS more safe/secure.
|
| Instead, now they pretty much can claim that basically
| anything that (in their perception) harms their good name and
| reputation, can be banned from running on their OS (or at
| least being seized and put under their control). That's the
| same (il)legal lunacy as currently exists with Apple
| dictating what can run on their iPhones. I would definitely
| call that a precedent (I've never heard of such a bonkers
| trademark case/verdict), and one with an extremely tricky
| potential for abuse by Microsoft.
|
| It's a good thing that Microsoft has never been caught
| abusing anything, right.
| brlewis wrote:
| > Unless I'm reading it wrong
|
| The quote in the article from the civil complaint makes it
| sound like the malware itself used MSFT trademarks. If
| there's another "it" you're reading besides the article,
| where said quote is shown to be taken out of context,
| please link.
| Nextgrid wrote:
| Is there any evidence that this malware misrepresents itself
| as Microsoft? The spam emails which seem to be the primary
| infection vector do not appear to have any Microsoft-related
| branding.
| brlewis wrote:
| Yes. Find "civil complaint" in the article.
| SilasX wrote:
| Yeah, TBH I'm more surprised that there hasn't been more
| prosecution of adware that misrepresents itself with
| Apple/MS/etc logos.
| throw_m239339 wrote:
| > This could set a potentially dangerous legal precedent.
| Microsoft are arguing that the malware operation damages
| Microsoft's brand, instead of putting the fault onto themselves
| for making vulnerable software.
|
| I agree with you.
|
| Why on earth would opening a .doc document infect a freaking
| computer? Imagine opening a freaking json file and getting
| infected by a crypto virus... The real problem is with Words or
| whatever software Microsoft has built that allows some code
| execution VIA a .doc document. They must of have so much
| technical debt nobody's willing to touch some old code anymore
| or something... IMHO, this and the fact they ditched their own
| browser engine in favour of Google's because it couldn't
| compete says a lot about the state of engineering in some
| Microsoft teams...
| withinboredom wrote:
| > Why on earth would opening a .doc document infect a
| freaking computer?
|
| It's more like a friend sends you source code and your IDE
| compiles it in the background only to discover that the act
| of compiling it had it shove some executable in ~/bin.
|
| For over five years now, the default for Word is not to run
| code/macros. Some corporate IT has that disabled or they
| might still be running office 2012/07.
| tsimionescu wrote:
| This kind of problem is ubiquitous in native software. Any
| program that takes user input and is not written in a memory
| safe language is likely to be exploitable in this way.
|
| This is doubly true for programs that execute user scripts.
| And it is inevitable for programs that support binary file
| embedding and file manipulation through those scripts - a
| feature some users of Word actually use.
| gowld wrote:
| That's fine, you can install Linux or TempleOS or whatever if
| Windows is bad.
|
| The only thing you can reasonably demand of Microsoft is (a)
| reasonably disclosure of the risk, and (b) not forcing their
| product into a separate product like your Dell hardware
| purchase.
|
| If you want insurance against imperfect security form MS, be
| prepared to pay more than $179 per PC.
| briandear wrote:
| > Microsoft are arguing that the malware operation damages
| Microsoft's brand, instead of putting the fault onto themselves
| for making vulnerable software.
|
| Isn't that blaming the victim? If you leave your house unlocked
| and someone steals stuff, it's still theft.
| nonick wrote:
| The dangerous precedent I see is Microsoft making justice for
| itself (with authorization from a judge, but still, when did
| Microsoft become law-enforcement?). Blaming Microsoft for
| building "vulnerable software" because someone is targeting
| their OS with their malware is like blaming Boeing because
| their planes were used for the 9/11 attacks.
| quickthrowman wrote:
| This isn't a criminal matter, it's a civil matter. They filed
| a lawsuit and convinced a judge their legal position was
| right, they didn't do their own vigilante justice.
| tremon wrote:
| I disagree that's a valid comparison. If the terrorists were
| able to remotely override Boeing's autopilot from the ground,
| and use that to steer the planes into the towers, Boeing
| would absolutely have been blamed, and rightly so.
| [deleted]
| rhino369 wrote:
| Nobody blamed Boeing for not putting locks on their cockpit
| doors.
|
| The public actually doesn't generally place much blame on
| manufacturers of hardware for third party manipulation
| unless the point of the device is security. Nobody expects
| a car is invulnerable to sabotage.
| nonick wrote:
| You could blame Boeing for not taking control of the planes
| from the ground and prevent the terrorists steering them
| into the towers.
| zamalek wrote:
| The software is no more vulnerable than any other software
| (unless automatic updates are disabled). The problem is that
| Microsoft users are vulnerable, they will do anything that you
| tell them to.
|
| Furthermore, Microsoft is legally obligated to protect its
| trademarks, else it looses them, and there is real precedent
| for that.
| 1vuio0pswjnm7 wrote:
| "Microsoft are arguing that the malware operation damages
| Microsoft's brand, _instead of putting the fault onto
| themselves for making vulnerable software_. "
|
| The entire "desktop" software industry championed by Bill Gates
| has always relied on this belief. Namely, that Windows exploits
| are the fault of the people who dare to point out the flaws
| (before they are fixed, if ever), instead of the "engineers"
| and management who dared to skip quality control and market
| software that they knew could be exploited.
|
| The Complaint:
|
| http://noticeofpleadings.com/trickbot/files/Complaint%20and%...
|
| In para. 49 MS are also arguing that the botnet is causing
| damage to MS because MS has to expend resources to investigate
| and clean it up.
|
| Can we consider the courts' time being wasted because of MS
| failure to perform quality control. Can we consider the losses
| of the MS software users. Users are not the ones seeking a TRO
| and damages, though surely they are sufferring more harm than
| MS from the botnet. Does MS actually own the infected
| computers.
|
| Anyway, MS arguments are not limited to trademark. They argue
| the botnet operators' use of Windows function declarations is
| copyright infringment (para. 59). They argue the botnet
| operators violated the CFAA by accessing MS computers without
| authorization and caused "a loss to MS" of greater than $5K in
| the aggregate in one year (para. 67). They argue the botnet
| operators violated the ECPA by interceting communications
| between MS and financial institutions (para. 74). They argue
| the botnet operators have committed trespass to chattels, i.e.,
| MS computers and networks (para. 99). They argue the botnet
| operators have been unjustly enriched through the use of MS
| software and online account infrastructure (para. 105). They
| even argue conversion, as if the software still belongs to MS,
| not its users (para 112). Not all of these claims are going to
| stick, obviously.
|
| Software warranties still haven't changed much over the past
| three decades in terms of product liability under US law.
| Unless the software causes physical damage to property or
| physical injury to persons, software companies can successfully
| disclaim liability for defects. Sadly, Windows users, who
| always accept MS's licensing terms, generally have no claims
| against MS for the losses they suffer as a result of Windows'
| vulnerabilities.
|
| Perhaps the only way to force quality controls into software
| "engineeering" is to allocate more products liability risk to
| those multi-billion dollar companies who produce mass market
| software. If you hate the sound of that, don't worry. I doubt
| it is ever going to happen.
|
| To me, the "Microsoft brand" is synonymous with vulnerablities,
| botnets and malware. This is only because I know the full
| history of the software. In the complaint MS argues users might
| associate degradation of performance with Windows instead of
| the botnet (para 48). In theory, MS could make this argument
| against any author of third party software running on Windows
| that hides itself from the user's awareness and, for whatever
| reason, degrades performance.
|
| Today's MS Windows, with its "software subscription" model, IMO
| is functionally tantamount to a so-called botnet, the only
| differences being "authorisation" (driven by use of dark
| patterns) and the definition of "malicious" (intent). Please
| forgive the provocative nature of that statement. What I mean
| is MS, like a "botnet", has centralised "command and control"
| of users' computers through centralised or decentralised
| communication to install software (updates), it can intercept
| users' electronic communications through telemetry and it does
| "exfiltrate" user data to MS. What makes the botnet "bad" and
| MS "good" is not the means by which each operates (they each
| excercise considerable remote control over Windows users) but
| the ends they seek to achieve. Controlling users' computers
| remotely, under a very thin veil of "authorisation", has become
| accepted behaviour.
| ummonk wrote:
| What are you talking about? The malware poses as Microsoft /
| Windows products, which is a clearcut trademark violation.
|
| In the car case, this would be analogous to a 3rd party selling
| defective parts under the brand name of a car manufacturer.
| walshemj wrote:
| Which is a problem I recall a BBC program about fake brake
| pads years ago.
| okareaman wrote:
| You're implying that makers and manufacturers could release
| perfect products with zero defects if they wanted to. No
| automobiles would ever need recall. No software would ever have
| a security bug. You do realize that's an impossibly high
| standard don't you?
| hansvm wrote:
| No, just that they need to be willing to accept the
| consequences of their mistakes rather than blame third
| parties. If software development is inherently risky then
| that's still the responsibility of software developers. If
| that makes some businesses unviable then the system is
| working as intended because they were unviable anyway, just
| profiting by passing costs to other people.
|
| There's a separate sentiment floating around (and that _was_
| the tone I caught from the parent comment, though I could be
| mistaken) that portions of Microsoft produce software with
| major design flaws that create a horde of other security and
| performance problems and that they should do better, but
| actually making better software isn't a necessary step in
| holding software creators accountable.
| moron4hire wrote:
| It seems like, if Microsoft were trying to absolve
| themselves of responsibility for defects in their products,
| the thing to do would be to claim that malware is developed
| by third parties outside of their control, against the
| terms of the EULA. What Microsoft is actually doing seems a
| lot more like taking responsibility. They're cleaning up
| the mess and helping people when they don't really have a
| legal requirement to do so.
| Ericson2314 wrote:
| A few things to counter here:
|
| 1. Considering the sloppy bullshit that is the root cause of
| 95%+ security vulnerabilities today, I think talking about "0
| security" bugs is a distorting strawman.
|
| 2. No one said no recalls. The issue here is Microsoft is
| going after the exploiter rather than the bug, taking the law
| into their own hands over dubious pretenses.
| That's somewhere in between taking the drivers licenses of
| Corvair owners and recalling the Corvairs themselves. (We
| could make a better anology if a black hat actor triggered
| the car defect.)
|
| 3. This could easily be precedent for scenario:
| 1. Security researcher finds bug and discloses it 2.
| Big crop declines to pay up / doesn't fix in timely manner,
| etc. 3. Security researcher goes public 4.
| Malware is made with exploit 5. Big corp goes vigilante
| on malware like this *and* sues security researcher, using
| this trademark justification in *both* cases.
| CrazyStat wrote:
| In what sense is Microsoft "taking the law into their own
| hands"? They filed a lawsuit and convinced the judge to
| agree with their legal theory. That's how the legal system
| works.
|
| There is no vigilantism here.
| withinboredom wrote:
| They mention in the article how it spreads via emails not
| via exploits (in which it would be called a worm, not
| malware).
| saghm wrote:
| Isn't a worm just a type of malware? Wikipedia describes
| malware as "any software intentionally designed to cause
| damage to a computer, server, client, or computer
| network".
| Talanes wrote:
| Seconded, I've always understood malware to be a broad
| categorization and not a specific type of attack.
| withinboredom wrote:
| I'd always assumed that malware was malicious software
| disguised as something else; the layman term for trojan.
| TIL that it's much more generic than that.
| thechao wrote:
| Every time, a few months before product release, downstream
| teams start filing bugs on us that boil down to the
| statement: "please continue to add features, but stop adding
| bugs".
|
| Oh, sweet summer child: features _are_ bugs.
| ardy42 wrote:
| > Otherwise any other manufacturer of defective products can
| argue that someone else (potentially unintentionally) is
| damaging their brand by triggering a flaw in the product
| instead of fixing their product. Imagine a car manufacturer
| whose cars fall apart due to minor irregularities in the road
| suing the city for not making the roads smooth enough instead
| of producing better cars that are immune to this problem.
|
| I think you're hitting the dead end you get to when you only
| conceive of the law as considering physical actions, but that's
| not how it actually works. IANAL, but there's a legal concept
| called _mens rea_ that 's very applicable here. Basically,
| what's going on in someone's mind is legally relevant, so cases
| where someone performed an identical physical action for
| different reasons can be treated differently. So there'd be a
| difference between:
|
| 1. Triggering a bug maliciously for personal gain.
|
| 2. Triggering a bug accidentally.
|
| 3. Triggering a bug benevolently as part of an effort to fix
| it.
| thaumasiotes wrote:
| That distinction would only be relevant if the statute
| specifically drew it. The ordinary _mens rea_ distinction is
| between (1) triggering the bug, intending to trigger the bug;
| and (2) triggering the bug, not intending to trigger the bug.
| rlpb wrote:
| Mens rea generally only applies to criminal law. Lack of mens
| rea doesn't insulate you from civil liability, even if it
| might affect it.
|
| See the first paragraph at
| https://en.wikipedia.org/wiki/Mens_rea
| adinisom wrote:
| Trademark infringement seems to be a strict liability tort:
| https://www.tilleke.com/resources/application-strict-
| liabili...
| fny wrote:
| Can someone explain why this legal summersault is even needed to
| seize botnet servers?
| Ericson2314 wrote:
| Because Microsoft is a vigilante looking for legal cover.
| reaperducer wrote:
| Don't vigilantes, by definition, work outside the law?
| gowld wrote:
| It's complicated. If I put up spikes to prevent people
| entering my garage, is that vigilantism?
|
| Is it vigilantism to exterminate a beehive that a vandal
| drops on my customer's property?
| tialaramex wrote:
| If the spikes somehow lock the garage closed, that's
| security. If they're instead designed to impale people who
| force it open that's going to be illegal in most places
| even if trespassing is also a criminal offence there. Not
| least because the law may authorise people to force that
| garage open, and it doesn't want authorised people getting
| hurt, regardless of how you feel about that.
| xwdv wrote:
| To cover their ass while they absolutely wreck Trickbots
| network.
| Bjartr wrote:
| I _think_ this is allowing a civil case to be brought by
| Microsoft, and therefore the ability for them to bring their
| significant capital and legal counsel to bear, rather than just
| waiting for the criminal justice system to get around to doing
| something about it.
| Ericson2314 wrote:
| If Microsoft can make a civil suit and gain control of the
| botnet infra, rather than just get damages, can I get
| poisoned by a mine/factor and get equity in the factory?
|
| What's weird is that presumably the botnet party, the natural
| counterparty, didn't show up in court, but MS appeals to a
| third party (domain registry) to get control of their assets
| rather than something more neutral for damages.
|
| I'm no lawyer but this seems awfully weird.
| rlpb wrote:
| The legal basis is that a court awards a _remedy_ [1] for
| harm done (or being done). Often that's monetary damages,
| but it doesn't have to be. The courts chooses what remedy
| is appropriate.
|
| I'm not sure that's relevant though. This might just be a
| preliminary injunction[2] rather than a final decision,
| whereas your "get equity in the factory" seems to be
| thinking about a final remedy rather than a preliminary
| injunction sought to minimize ongoing damage.
|
| [1] https://en.wikipedia.org/wiki/Legal_remedy [2] https://
| en.wikipedia.org/wiki/Injunction#Preliminary_injunct...
| Ericson2314 wrote:
| I sure hope it's a preliminary injunction! That would be
| like me taking temporary control of the factory smoke
| stack or discharge pipe. Great precedent in that case.
| MrStonedOne wrote:
| > Users subject to the negative effects of these malicious
| applications incorrectly believe that Microsoft and Windows are
| the source of their computing device problems. There is great
| risk that users may attribute this problem to Microsoft and
| associate these problems with Microsoft's Windows products,
| thereby diluting and tarnishing the value of the Microsoft and
| Windows trademarks and brands.
|
| So does this mean that anybody who made software for windows 7
| can sue microsoft for the windows 10 forced "optional" upgrade if
| it broke their software?
|
| Could they seize windows update servers as part of their
| trademark suit?
| Pick-A-Hill2019 wrote:
| I've been waiting for this story to bubble up with a reasonable
| amount of traction before commenting so I'm glad it did. I found
| this quote somewhat Funny, somewhat Sad.
|
| .. "They are running normally and their ransomware operations are
| pretty much back in full swing," Holden said. "The are not
| slowing down because they still have a great deal of stolen
| data."
|
| Holden added that since news of the disruption first broke a week
| ago, the Russian-speaking cybercriminals behind Trickbot have
| been discussing how to recoup their losses, and have been toying
| with the idea of massively increasing the amount of money
| demanded from future ransomware victims.
|
| "There is a conversation happening in the back channels," Holden
| said. "Normally, they will ask for [a ransom amount] that is
| something like 10 percent of the victim company's annual
| revenues. Now, some of the guys involved are talking about
| increasing that to 100 percent or 150 percent."
|
| [Edit to Ammend Source Link based on
| https://news.ycombinator.com/item?id=24756681. Please refer to
| https://krebsonsecurity.com/2020/10/report-u-s-cyber-command...]
|
| [Original Link] Report: U.S. Cyber Command Behind Trickbot Tricks
| https://nmap.online/news/2020/report-us-cyber-command-behind...
| jlgaddis wrote:
| FWIW, your link is just blogspam. From a quick skim, it appears
| to be a copy/paste of another Krebs article,
| https://krebsonsecurity.com/2020/10/report-u-s-cyber-
| command....
| Pick-A-Hill2019 wrote:
| Ok wow, I missed that and thanks for reporting it. If the
| edit window is still open I will ammend the url link to
| reflect the source article. Oh & have an upvote :)
| Stierlitz wrote:
| "Trickbot, a global menace that has infected millions of
| [microsoft windows] computers and is used to spread ransomware."
|
| There, corrected for accuracy.
| bluesign wrote:
| Blog post from Microsoft: https://blogs.microsoft.com/on-the-
| issues/2020/10/12/trickbo...
| afrcnc wrote:
| The court docs: https://www.noticeofpleadings.com/trickbot/
___________________________________________________________________
(page generated 2020-10-12 23:00 UTC)