Microsoft nukes 9 million-strong Necurs botnet after unpicking domain name-generating algorithm
2020-03-11 21:28

Microsoft has bragged of downing a nine million-strong Russian botnet responsible for vast quantities of email spam.

The Necurs botnet, responsible over the years for quite a considerable volume of spam - as well as being hired out to crims pushing malware payloads such as the infamous Locky ransomware and Dridex malware - was downed by Microsoft and its industry chums following a US court order allowing the private sector companies to go in hard and heavy on the botnet.

Microsoft researchers figured out how the algorithm that generated new, unique domains for Necurs' infrastructure operated, and were able to correctly guess six million domain names that would be generated over a 25-month period, the company said.

"By taking control of existing websites and inhibiting the ability to register new ones, we have significantly disrupted the botnet," beamed Burt.

Back in 2017 we reported Cisco Talos' findings that the botnet had gone offline for several months before reappearing to peddle a financial scam.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/03/11/microsoft_necurs_botnet_takedown/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 663 792 4388 4085 3666 12931