UPDATED 00:01 EST / MARCH 11 2020


Microsoft leads effort to take down infamous malware-spreading Necurs botnet

Microsoft Corp. said Tuesday it has teamed with security firm BitSight Technologies Inc. and others to take down the infamous Necurs botnet.

Necurs, regarded as one of the world’s most prolific botnets, has infected more than 9 million computers worldwide and was used for a variety of illegal activities, primarily as a dropper for other malware.

In 2017 it was reported that Necurs was being used to spread malware that took screenshots and gathered data, while in August 2018 the botnet was being used to target banks in a massive phishing campaign.

Microsoft said it managed to take down Necurs via legal and technical steps. The legal steps included Microsoft having the U.S. District Court for the Eastern District of New York issue an order enabling the company to take control of U.S.-based infrastructure Necurs used to distribute malware and infect victim computers.

“With this legal action and through a collaborative effort involving public-private partnerships around the globe, Microsoft is leading activities that will prevent the criminals behind Necurs from registering new domains to execute attacks in the future,” Tom Burt, Microsoft corporate vice president, customer security and trust, said in a blog post.

Over the last decade, Necurs has been linked to the distribution of malware, phishing, scams and ransomware. A shortlist of malware linked to Necurs includes Zeus, Dridex, Locky and Trickbot.

There were 660,000 Necurs infections observed worldwide in the first seven days of March alone, according to BitSight. From 2016 to 2019, it was the most prominent method criminals used to deliver spam and malware, responsible for 90% of the malware spread by email worldwide, BitSight noted.

That said, other botnets will always be developed. As BitSight security researcher Valter Santos told Infosecurity Magazine, “BitSight will be getting back to work — we are tracking more than 200 billion events on a daily basis. There’s more malware out there.”
