Necurs botnet

The Necurs botnet is a distributor of many pieces of malware, most notably Locky.

Reports

Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state.^[1]^[2]

In a 2020 report, it was noted to have particularly targeted India, Southeast Asia, Turkey and Mexico.^[3]

Distributed malware^[4]

Bart
Dridex
Locky
RockLoader
Globeimposter

References

↑ French, Jon (27 June 2016). "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.
↑ "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.
↑ "Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide". The Hacker News.
↑ "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[ISB-1] French, Jon (27 June 2016). "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.

[DYN-2] "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.

[3] "Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide". The Hacker News.

[ITPRO-4] "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

[1]

[2]

[3]

[4]

Reports

Distributed malware[4]

See also

References

Distributed malware^[4]