A coalition of security-minded organizations led by Microsoft struck a major blow against the mighty Necurs botnet -- one of the largest in the world -- dismantling its infrastructure in a global takedown.
Empowered by a court order, Microsoft not only took control of the Necurs operators' web domains, but also blocked an additional 6 million domains that the company predicted would be used by the cybercriminal organization over the next 25 months. Microsoft executed this preemptive move by analyzing Necurs' domain name generation (DNG) algorithm, extrapolating future domains based on said algorithm, and then reporting the domains to global registries so the registries could block them.
Necurs botnet malware is closely associated with the Russian cybercriminal group Evil Corp, which has used its botnet capabilities to distribute Dridex and TrickBot banking malware, the Locky and BitPaymer ransomware, and the Zeus trojan. Last December, the U.S. Justice Department announced that it had filed hacking and bank fraud charges against two of the group's suspected members, including Maksim Yakubets, who has worked for the Russian intelligence agency FSB.