Cyber security news for all


    The Necurs botnet is one of the largest networks for sending spam emails

    The main blow to the Necurs botnet is of a technical nature. In cooperation with security experts from all over the world, hackers were able to crack the algorithm with which Necurs continuously generated new domains. Microsoft and its partners were then able to precisely predict around five million domains that Necurs would have generated in the following months.

    Microsoft Hacks The Main Botnet Algorithm

    After the algorithm had been cracked, Microsoft was able to report the domains to be generated to the national registration authorities. The registrars then blocked the domains in their systems so that they could not become part of the Necurs botnet. The company also obtained an order from a US district court that allowed Microsoft to take control of the parts of the infrastructure located on American soil. With that, the Necurs botnet is largely at an end, as Microsoft writes in its security blog. The criminal actors no longer had access, at least to important key areas of the botnet.
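
    The prediction step described above, as an added example that is not Microsoft's code and not the Necurs algorithm: a constructed toy generator (the names `toy_dga`, `SEED` and `TLDS` are assumptions) whose output depends only on the date, a pre-computed table of its future domains, and a check of constructed DNS log lines against that table.

```python
import hashlib
from datetime import date, timedelta

# Constructed toy generator, NOT the Necurs algorithm. It shares only the
# property the article relies on: output depends solely on the date and a
# fixed seed, so whoever holds the algorithm can compute future domains.
TLDS = ("com", "net", "org")   # assumed TLD set for the toy
SEED = b"toy-seed"             # hypothetical embedded constant

def toy_dga(day, count=5):
    """Return the `count` domains the toy generator yields for `day`."""
    domains = []
    for i in range(count):
        digest = hashlib.sha256(SEED + day.isoformat().encode() + bytes([i])).digest()
        length = 10 + digest[0] % 6                       # label of 10..15 letters
        label = "".join(chr(ord("a") + b % 26) for b in digest[1:1 + length])
        domains.append(f"{label}.{TLDS[digest[-1] % len(TLDS)]}")
    return domains

def predict(start, days, per_day=5):
    """Pre-compute every domain in a future window: domain -> activation day."""
    table = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for d in toy_dga(day, per_day):
            table.setdefault(d, day)
    return table

def flag_queries(log_lines, table):
    """Return (client, domain, day) for DNS queries that hit predicted domains."""
    hits = []
    for line in log_lines:
        _ts, client, qname = line.split()
        qname = qname.rstrip(".").lower()                 # normalise case and root dot
        if qname in table:
            hits.append((client, qname, table[qname]))
    return hits

if __name__ == "__main__":
    start = date(2020, 3, 10)
    blocklist = predict(start, days=30)
    # Constructed resolver log lines: "<timestamp> <client-ip> <query-name>"
    log = [
        "2020-03-12T08:00:01Z 10.0.0.7 www.example.org.",
        f"2020-03-12T08:00:02Z 10.0.0.23 {toy_dga(date(2020, 3, 12))[0].upper()}.",
    ]
    print(len(blocklist), flag_queries(log, blocklist))
```

    The same table serves both purposes the article mentions: it is the list handed to registrars for blocking, and a lookup that identifies infected clients in resolver logs.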

    Success was preceded by years of global investigative work. The Necurs botnet, which recently had more than million infected computers worldwide, was first noticed 10 years ago. The Microsoft Digital Crimes Unit began monitoring the botnet’s activities with the support of other partners. It was found that it spread malware.

    Necurs Was Subsequently Used For The Entire Range Of Botnet Crime

    Among them was the spread of Trojans and stock scams. The portfolio also included the classic sending of spam emails about counterfeit products. Microsoft illustrates the extent with an example: a single observed, infected computer sent a total of 4 million spam emails to over million potential victims worldwide in 2 months.

    In addition, the criminals used Necurs for crypto mining, ransomware distribution and financial fraud. According to Microsoft, a function for carrying out DDoS attacks, in which targeted servers are overloaded and thus knocked offline, was available but has not yet been activated. The criminals are also said to have rented out access to their botnet. This allowed other cybercriminals to use the capacities of the million devices network for their own purposes.
