H L Data Storage Store Banner 970x90
Breaking News

MSI and Asus announces X670E motherborads AMD introduces Ryzen 7000 series, new chipsets and technologies CORSAIR introduce VOYAGER a1600 Gaming & Streaming Laptop AMD Advantage Edition Phison Announces Strategic PCIe Gen5 Relationship with AMD and Micron at Computex 2022 Apacer Unveils COMPUTEX 2022 Event Series

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Microsoft Disrupts World’s Largest Online Criminal Network

Microsoft Disrupts World’s Largest Online Criminal Network

Enterprise & IT Mar 10,2020 0

Today, Microsoft and partners across 35 countries took coordinated legal and technical steps to disrupt one of the world’s most prolific botnets, called Necurs, which has infected more than nine million computers globally.

This disruption is the result of eight years of tracking and planning.

A botnet is a network of computers that a cybercriminal has infected with malicious software, or malware. Once infected, criminals can control those computers remotely and use them to commit crimes. Microsoft’s Digital Crimes Unit, BitSight and others in the security community first observed the Necurs botnet in 2012 and have seen it distribute several forms of malware, including the GameOver Zeus banking trojan.

The Necurs botnet is one of the largest networks in the spam email threat ecosystem, with victims in nearly every country in the world. During a 58-day period in Microsoft's investigation, for example, the company observed that one Necurs-infected computer sent a total of 3.8 million spam emails to over 40.6 million potential victims.

Necurs is believed to be operated by criminals based in Russia and has also been used for a wide range of crimes including pump-and-dump stock scams, fake pharmaceutical spam email and “Russian dating” scams. It has also been used to attack other computers on the internet, steal credentials for online accounts, and steal people’s personal information and confidential data. Interestingly, it seems the criminals behind Necurs sell or rent access to the infected computer devices to other cybercriminals as part of a botnet-for-hire service. Necurs is also known for distributing financially targeted malware and ransomware, cryptomining, and even has a DDoS (distributed denial of service) capability that has not yet been activated but could be at any moment.

On Thursday, March 5, the U.S. District Court for the Eastern District of New York issued an order enabling Microsoft to take control of U.S.-based infrastructure Necurs uses to distribute malware and infect victim computers.

Microsoft analyzed a technique used by Necurs to systematically generate new domains through an algorithm. The company was then able to accurately predict over six million unique domains that would be created in the next 25 months. Microsoft reported these domains to their respective registries in countries around the world so the websites can be blocked and thus prevented from becoming part of the Necurs infrastructure. By taking control of existing websites and inhibiting the ability to register new ones, Microsoft has significantly disrupted the botnet.

Microsoft is also taking the additional step of partnering with Internet Service Providers (ISPs) and others around the world to rid their customers’ computers of malware associated with the Necurs botnet. This remediation effort is global in scale and involves collaboration with partners in industry, government and law enforcement via the Microsoft Cyber Threat Intelligence Program (CTIP). Through CTIP, Microsoft provides law enforcement, government Computer Emergency Response Teams (CERTs), ISPs and government agencies responsible for the enforcement of cyber laws and the protection of critical infrastructure with better insights into criminal cyber infrastructure located within their jurisdiction, as well as a view of compromised computers and victims impacted by such criminal infrastructure.

For this disruption, Microsoft is working with ISPs, domain registries, government CERTs and law enforcement in Mexico, Colombia, Taiwan, India, Japan, France, Spain, Poland and Romania, among others.

Tags: botnetcybercrimeCybersecurityMicrosoft
Previous Post
U.S. Commerce Department Extends Huawei License
Next Post
Micron Samples uMCP Product With LPDDR5 to Increase Performance and Battery Life in 5G Smartphones

Related Posts

  • Apple, Google, and Microsoft commit to expanded support for FIDO standard

  • Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device

  • Introducing new Surface products, built for Windows 11

  • Introducing Windows 11

  • Microsoft announces Surface Laptop 4

  • Whats best for you MAC or PC?

  • Microsoft Introduces Surface Pro 7+

  • Minecraft with RTX Now Officially Available For All Windows 10 Players

H L Data Storage Store Banner 300x600

 

Latest News

MSI and Asus announces X670E motherborads
PC components

MSI and Asus announces X670E motherborads

AMD introduces Ryzen 7000 series, new chipsets and technologies
Enterprise & IT

AMD introduces Ryzen 7000 series, new chipsets and technologies

CORSAIR introduce VOYAGER a1600 Gaming & Streaming Laptop AMD Advantage Edition
Gaming

CORSAIR introduce VOYAGER a1600 Gaming & Streaming Laptop AMD Advantage Edition

Phison Announces Strategic PCIe Gen5 Relationship with AMD and Micron at Computex 2022
Enterprise & IT

Phison Announces Strategic PCIe Gen5 Relationship with AMD and Micron at Computex 2022

Apacer Unveils COMPUTEX 2022 Event Series
Enterprise & IT

Apacer Unveils COMPUTEX 2022 Event Series

Popular Reviews

CeBIT 2005

CeBIT 2005

CeBIT 2006

CeBIT 2006

Zidoo Z9S 4K Media Player review

Zidoo Z9S 4K Media Player review

LiteOn iHBS112 review

LiteOn iHBS112 review

Club3D HD3850

Club3D HD3850

Pioneer BDR-2207 (BDR-207M) BDXL burner review

Pioneer BDR-2207 (BDR-207M) BDXL burner review

External USB Slim Recorders Comparison

External USB Slim Recorders Comparison

Crucial P1 NVMe 1TB SSD review

Crucial P1 NVMe 1TB SSD review

  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed