Microsoft Cracks Infrastructure of Infamous Necurs Botnet (Security News, March 2020)
Microsoft says it managed to disrupt the Necurs botnet by taking control of the U.S.-based infrastructure that the botnet has been using to conduct its malicious activities.
Necurs is a peer-to-peer hybrid botnet that uses a Domain Generation Algorithm (DGA) to ensure bots can always connect to a command and control (C&C) server.
The botnet has been around since at least 2012 and has grown to become one of the most prolific botnets in existence.
Necurs' P2P architecture allows it to resist takedown attempts, but Microsoft now says that it managed to crack down on the botnet's DGA and take over the domains used for C&C after the U.S. District Court for the Eastern District of New York allowed it in an order issued on March 5.
Working with public and private entities worldwide, the tech giant was able to take control of the botnet's U.S.-based infrastructure to ensure that Necurs' operators can't register new domains to launch additional attacks.