Security News > 2020 > March > Microsoft nukes 9 million-strong Necurs botnet after unpicking domain name-generating algorithm
Microsoft has bragged of downing a nine million-strong Russian botnet responsible for vast quantities of email spam.
The Necurs botnet, responsible over the years for quite a considerable volume of spam - as well as being hired out to crims pushing malware payloads such as the infamous Locky ransomware and Dridex malware - was downed by Microsoft and its industry chums following a US court order allowing the private sector companies to go in hard and heavy on the botnet.
Microsoft researchers figured out how an algorithm that generated new, unique domains for Necurs' infrastructure operated and was able to correctly guess six million domain names that would be generated over a 25-month period, it said.
"By taking control of existing websites and inhibiting the ability to register new ones, we have significantly disrupted the botnet," beamed Burt.
Back in 2017 we reported Cisco Talos' findings that the botnet had gone offline for several months before reappearing to peddle a financial scam.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/03/11/microsoft_necurs_botnet_takedown/