Microsoft orchestrates coordinated takedown of Necurs botnet

Forums Security News (Security) Microsoft orchestrates coordinated takedown of Necurs botnet

Tagged: 

  • This topic is empty.
Viewing 0 reply threads
  • Author
    Posts
    • April 1, 2020 at 5:47 am #41588
      Telegram SmartBoT
      Moderator
      • Topic 5959
      • Replies 0
      • posts 5959
        @tgsmartbot

        #News(Security) [ via IoTGroup ]

        Headings…
        Microsoft orchestrates coordinated takedown of Necurs botnet
        Coordinated effort across 35 countries
        One of the largest spam botnets ever created

        Auto extracted Text……

        Microsoft announced today a coordinated takedown of Necurs, one of the largest spam and malware botnets known to date, believed to have infected more than nine million computers worldwide.
        The takedown effort came after Microsoft and industry partners broke the Necurs DGA — the botnet’s domain generation algorithm, the component that generates random domain names.
        Necurs authors register DGA-generated domains weeks or months in advance and host the botnet’s command-and-control (C&C) servers, where bots (infected computers) connect to receive new commands.
        Breaking the DGA allowed Microsoft and its industry partners to create a comprehensive list of future Necurs C&C server domains that they can now block and prevent the Necurs team from registering.
        Furthermore, Microsoft’s legal team also intervened and obtained a court order last week, on March 5, granting Microsoft control over existing Necurs domains that were being hosted in the US.
        The OS maker said it worked with cybersecurity firms, internet service providers, domain registries, government CERTs, and law enforcement across 35 countries to coordinate the Necurs takedown, making this one of the biggest coordinated takedowns that have ever taken place.
        After Microsoft has taken control of existing Necurs infrastructure, the company and its industry partners have been able to sinkhole the botnet and receive information about all the bots located across the world.
        As a final step part of this effort, Microsoft says it’s now working with ISPs and CERT teams to notify users who have been infected so that they can remove the malware from their computers.
        Historically, the Necurs botnet first appeared in 2012 and became one of the largest spam botnets known to date.
        The botnet is the collection of all computers that have been infected by a malware module named Necurs.
        The Necurs spam module runs on a user’s computers and uses its resources to send out massive amounts of spam email on a daily basis

        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.02976805238 Build 26 Aug 2019

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.