Necurs botnet explained

The Necurs botnet is a distributor of many pieces of malware, most notably Locky.

Reports

Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state.[1] [2]

In a 2020 report, it was noted to have particularly targeted India, Southeast Asia, Turkey and Mexico.[3]

Distributed malware[4]

See also

Notes and References

  1. Web site: French. Jon. Necurs BotNet Back With A Vengeance Warns AppRiver. 27 June 2016 . 27 June 2016.
  2. Web site: Pump and dump spam: Incapta Inc (INCT). 22 Mar 2017.
  3. Web site: Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide . The Hacker News . en.
  4. Web site: Hackers behind Locky and Dridex start spreading new ransomware. 27 June 2016.