The TrickBot botnet has survived a takedown attempt orchestrated by a coalition of tech companies on Monday.
TrickBot command and control (C&C) servers and domains seized yesterday have been replaced with new infrastructure earlier today, multiple sources in the infosec community have told ZDNet.
Sources from companies monitoring TrickBot activity described the takedown’s effects as “temporal” and “limited,” but praised Microsoft and its partners for the effort, regardless of its current results.
“Our estimate right now is what the takedown did was to give current victims a breather,” a security researcher said.
While some companies agreed to go on the record, ZDNet decided to refrain from using any of our interviewed source’s names to avoid indirectly criticizing the entities involved in the takedown (Microsoft’s Defender team, FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, and Broadcom’s cyber-security division Symantec).
But in private interviews, even security