Microsoft in a recent official article has shared that it disrupted one of the most dangerous Botnets “Necurs” with help from partners across 35 countries. The coordinated legal and technical steps taken by Microsoft and its partners resulted in disruption of the botnet that has infected more than nine million computers globally.
Talking about the spread of botnet Necurs Microsoft claims that its victims can be found in nearly every country.
Microsoft’s Digital Crimes Unit, BitSight and others in the security community first observed the Necurs botnet in 2012 and have seen it distribute several forms of malware, including the GameOver Zeus banking trojan. The Necurs botnet is one of the largest networks in the spam email threat ecosystem, with victims in nearly every country in the world. During a 58-day period in our investigation, for example, we observed that one Necurs-infected computer sent a total of 3.8 million spam emails to over 40.6 million potential victims.
This dreaded botnet has origins in Russia and is being used to perform many kind of online criminal activities by the attackers.
Necurs is believed to be operated by criminals based in Russia and has also been used for a wide range of crimes including pump-and-dump stock scams, fake pharmaceutical spam email and “Russian dating” scams. It has also been used to attack other computers on the internet, steal credentials for online accounts, and steal people’s personal information and confidential data. Interestingly, it seems the criminals behind Necurs sell or rent access to the infected computer devices to other cybercriminals as part of a botnet-for-hire service.
You can read more about Microsoft’s disruption of Necurs here.