Necurs botnet

The Necurs botnet is a distributor of many pieces of malware, most notably Locky.

Reports

Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state.[1][2]

In a 2020 report, it was noted to have particularly targeted India, Southeast Asia, Turkey and Mexico.[3]

Distributed malware[4]

Bart
Dridex
Locky
RockLoader
Globeimposter

References

French, Jon (27 June 2016). "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.
"Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.
"Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide". The Hacker News.
"Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[ISB-1] French, Jon (27 June 2016). "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.

[DYN-2] "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.

[3] "Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide". The Hacker News.

[ITPRO-4] "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

Necurs botnet

Reports

Distributed malware[4]

See also

References