Microsoft has put a lot of time and effort into replacing compromised client routers with Trickbot malware in Brazil and Latin America.
Microsoft worked with ISPs to go door-to-door in Brazil and Latin America to replace the breached customer routers, one by one.
The hacking group uses the compromised computers as a massive bot network. It performs ransomware attacks and other illegal operations.
Trickbot is known to hijack routers and the Internet of Things that are easy to hack without their owners even realizing it.
Eliminating malware from routers can be difficult for users, making personal replacement an effective tactic.
Microsoft had hoped to crack down on the international hacking group that is an ongoing target of US cyber leadership as well as information security companies.
And with the re-emergence of the Trickbot, the Microsoft team began to think of eliminating the gang as an ongoing task with no end in sight.
Although the hacking gang operates from Russia, Belarus, Ukraine and Suriname, according to the US Department of Justice, since October Microsoft has been sending out notices around the world.
In one case, the software giant succeeded in destroying the Trickbot infrastructure in Afghanistan.
And Trickbot is still one of the largest bot networks to date. And the group built spare mechanisms into its infrastructure so that it could withstand many blows.
The Russian-speaking hacking group Trickbot has hunted down millions of victims all over the world. The bank statements of the victims were stolen. It facilitated the ransomware attacks that have caused companies to scramble for massive extortion demands for years.
Although the US Cyber Command at the Pentagon tried to make an impact on the gang’s operations last year, there are indications that the hacking gang is working behind the scenes.
Its malware occurs to monitor victims and gather intelligence, according to the latest information from cybersecurity firm Bitdefender.