Security News > 2020 > March > Necurs Botnet in Crosshairs of Global Takedown Offensive
A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world's most prolific and globally dispersed spam and malware infrastructure.
The move came after Microsoft and partners across 35 countries cracked Necur's domain generation algorithm, which is what generates random domain names to allow the botnet to distribute malware and infect victim computers around the world.
"Microsoft reported these domains to their respective registries in countries around the world so the websites can be blocked and thus prevented from becoming part of the Necurs infrastructure."
Necurs is perhaps best known for being used as a dropper for other malware, including GameOver Zeus, Dridex, Locky, Trickbot and others, according to analysis of the botnet published Tuesday by BitSight security researcher ValterSantos.
The botnet was flogged as part a botnet-for-hire service in which the criminal custodians of Necurs would sell or rent access to the infected computer devices to other cybercriminals, researchers said.