Microsoft Leaves Necurs Botnet in Shambles

microsoft and partners have disrupted the necurs botnet blamed for vast spam and cybercrime operations

Microsoft this week announced the success of its efforts, jointly undertaken with partners across 35 countries, to disrupt the Necurs botnet group blamed for infecting more than 9 million computers globally.


There are 11 botnets under the Necurs umbrella, all apparently controlled by a single group, according to Valter Santos, security researcher at Bitsight, which worked with Microsoft on the takedown. Four of those botnets account for about 95 percent of all infections.

"Necurs is the named exploit that is most consistently used," said Rob Enderle, principal analyst at the Enderle Group.

The U.S. District Court for the Eastern District of New York last week issued an order enabling Microsoft to take control of the U.S.-based infrastructure Necurs uses to distribute malware and infect victim computers.
Microsoft figured out the new domains Necurs would generate algorithmically and reported them to respective registries worldwide so they could be blocked.
Microsoft also is partnering with ISPs, domain registries, government CERTs and law enforcement in various countries to help flush malware associated with Necurs from users' computers.
The botnet activity stalled this month, but about 2 million infected systems remain, waiting in a dormant state for Necurs' revival.
These systems "should be identified and rebuilt" to avoig leaving them susceptible to Necurs or another botnet, Enderle told TechNewsWorld.
"They could do a lot of damage if they aren't found in time," he said.
"Microsoft is one of the few companies going after the bad actors and not just addressing the point security problems," Enderle noted. "Until the world becomes aggressive with bringing the bad actors to justice, we will continue to be at risk of a worldwide catastrophic computer event. This problem needs to be solved at the source."

Comments

Post a Comment

Popular posts from this blog

COVID-19 and Computer Security, Part 1: Telecommuting Risks

Image
The United States Office of Personnel Management last week urged agencies to prepare to allow federal employees to telework -- that is, work remotely.This came on the heels of the   Department of Homeland Security   closing its facilities in Washington state, after learning an employee had visited the Life Care facility in the city of Kirkland, which is ground zero for the state's COVID-19 outbreak. Federal employees were told to self-quarantine for two weeks, and the DHS building is being disinfected. It isn't just the federal government that is allowing employees to telework or telecommute. Seattle companies including Amazon, Google, Facebook and others are trying to keep workers safe by letting them do their jobs from home. Coronavirus fears have shut down schools and businesses in the Evergreen State, and public health officials in King County last week recommended allowing employees in the region to stay home. Across the country firms already have started all...
Read more

Elon Musk Fears He Will Die Before Humans Reach Mars, As Space Innovation Is Very Slow

Image
Hardly anyone can question Elon Musk’s efforts to make human beings a multi-planetary species. The tech billionaire has worked so hard towards the goal that the very objective has, infact, led to the establishment of one of his companies - SpaceX. So it is only natural that Musk would find it troubling if he is not able to achieve this target within his lifetime. With a recent public appearance of his, this now seems highly likely. "If we don't improve our pace of progress, I'm definitely going to be dead before we go to Mars," Musk was quoted as saying on Monday at the Satellite 2020 conference in Washington. "If it's taken us 18 years just to get ready to do the first people to orbit, we've got to improve our rate of innovation or, based on past trends, I am definitely going to be dead before Mars," he added. Known for setting ambitious goals and rapid-fast timelines to achieve them, Musk is understandably upset with the progress that the sp...
Read more

Sonos Is Canning Its Speaker-Killing 'Recycle Mode'

Image
Back in January, high-end speaker manufacturer Sonos announced it would no longer be providing software updates to any hardware that was released prior to 2011, beginning as soon as May. The company told customers that they could trade up for a new device at 30 percent off, but first would have to put the devices into a controversial   "Recycle Mode"   that would effectively brick the speakers. Last week, the company reversed course, quietly removing the wildly unpopular "Recycle Mode" feature from its mobile app. While Sonos is still planning to move forward with the end of software updates for legacy devices, this change means that customers will have a say in what happens to their old speakers—they can keep them, gift them, or take them to their own e-waste recycling facility of choice, or let Sonos handle it. This change-of-heart follows Sonos CEO Patrick Spence's January 23  apology post  to customers. He stated that the company "did not g...
Read more