Cyber security news for all

More

    Necurs-Botnet is one of the largest networks for sending spam emails

    The main blow to the botnet necurs is of a technical nature. In cooperation with security experts from all over the world, hackers were able to crack the botnet algorithm with which Necurs was able to continuously generate new domains. Microsoft and its partners were able to precisely predict around five million domains that Necurs would have generated in the following months.

    Microsoft Hacks The Main Botnet Algorithm

    After the algorithm had been cracked, Microsoft was able to report the domains to be generated to the national registration authorities. The registrars then blocked the domains in their systems so that they could not become part of the Necurs botnet. The company also managed to get a US district court to issue a court order that allowed Microsoft to take control of the infrastructure if it was on American soil. With that, the Necurs botnet is largely at an end, as Microsoft writes in its security blog. Access by the criminal actors was no longer possible, at least in relation to important key areas of the botnet.

    Success was preceded by years of global investigative work. The Necurs botnet, which recently had more than million infected computers worldwide, was first noticed 10 years ago. The Microsoft Digital Crimes Unit began monitoring the botnet’s activities with the support of other partners. It was found that it spread malware.

    Necurs Was Subsequently Used For The Entire Range Of Botnet Crime

    Among them was the spread of Trojans and stock cams. The portfolio also included the classic sending of spam emails about counterfeit products. Microsoft shows the extent using as  an example. For example, a single observed, infected computer sent a total of 4 million spam emails to over million potential victims worldwide in 2 months.

    In addition, the criminals used Necurs for crypto mining, ransomware distribution and financial fraud. According to Microsoft, an existing function for carrying out DDOS attacks, in which targeted attacked servers are overloaded and thus switched off was available, but has not yet been activated. The criminals are also said to have rented access to their botnet. This allowed other cybercriminals to use the capacities of the million devices network for their own purposes.

    Recent Articles

    Hackers stole thousands of passport data in Argentina

    In response to millions of dollars ransom refused by the Argentine Immigration Service, a ransomware group released passport data from hundreds of thousands of...

    USA wants to improve cybersecurity of space systems

    CISA has published a table this week that summarizes Chinese activities against cybersecurity. Some attacks have succeeded and enabled hackers to gain a foothold...

    Unknown attackers had access to personal data of Warner Music

    Warner Music Group has admitted a security incident in which customers card details were stolen in some of the company's online stores. Warner Music...

    Donald Trump wants to force a sale of TikTok to Microsoft

    It was recently announced that President Donald Trump plans to prohibit business with the owners of TikTok by decree. The American head of state...

    PIN protection is cracked for contactless payments

    Contactless payments by card only works up to typically 30 dollars without a PIN. The PIN is actually  requested for high payments. This is...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox