Microsoft: After 9M Computers infected, Microsoft Takes Down Botnet

After 8 years of effort, Microsoft has dismantled the botnet called Necurs, which has spread worldwide. This botnet has affected over 9 million computers worldwide.

Microsoft said that some Russian-based criminals were behind this. Besides, they said criminals could no longer use many of the basic loopholes that had helped them to enforce cyber attacks.

A botnet is a network of computers infected by malignant software or malware by criminals. Once infected, criminals can leak information on that computer to commit crimes. It was first discovered in 2012 by Microsoft’s digital crime unit BitSight and other teams. Beyond that, they noted that it was spreading malware including Game ‘Over Zeus Banking Trojan’.

More About Necurs

Necurs is one of the largest computer networks that was behind many of the spam email threats. This has a plentiful number of victims from every country in the world.

Microsoft’s Corporate Vice President Tom Burt wrote in a blog post that “During a 58-day period in our investigation, for example, we observed that one Necurs-infected computer sent a total of 3.8 million spam emails to over 40.6 million potential victims”.

Besides, Necurs also used in many other criminal activities include Russian dating scams and pharmaceutical spam emails. Beyond everything, It was also used to reach other computers on the Internet, leak credentials from online accounts, and steal people’s personal information.

Hacker using laptop. Hacking the Internet.

Things That Happened Behind Necurs

Many dangerous things were going on behind the Necurs. criminals were able to rent computers to other cyber criminals. It also ran malware targeting financial transactions along with crypto mining and ransomware. Besides On March 5, the U.S. District Court issued a restraining order that enabling Microsoft to take control of Necurs.

Burt also said that “With this legal action and through a collaborative effort involving public-private partnerships around the globe, Microsoft is leading activities that will prevent the criminal behind Necurs from registering new domains to execute attacks in the future”.

This accomplished with the discovery of an algorithm used by the Necurs itself. All of the malicious domains that discovered reported in Microsoft’s respective Registries. That will help browsers to block those domains.

LEAVE A REPLY

Please enter your comment!
Please enter your name here