Microsoft Disrupts Necurs Botnet Following 8-Year Investigation

Microsoft has announced it has disrupted the Necurs botnet with the help of partners across 35 countries, 8 years after discovering the network

Microsoft announced today an international program to disrupt the spread of a popular botnet. In a statement from Microsoft India, the company says it collaborated with partners across 35 nations to disrupt the Necurs botnet.

Necurs is an oft-used botnet that is used to deliver malware, it has infected over 9 million machines around the world. Microsoft worked with collaborators in tech and government to lead a legal and technical effort against Necurs.

According to Microsoft, the investigation and following action took eight years and will ensure the existing Necurs networks can no longer be used by cybercriminals.

In a statement, Microsoft India says 13.59% of distinct infected IP addresses were within the country during the first seven days of this month.

“In India, the Microsoft Digital Crimes Unit partnered with the Computer Emergency Response Team (CERT-IN) and National Internet Exchange of India (NIXI) to disrupt cyberattacks led by the botnet. This effort prevented the criminals behind Necurs from registering new domains to execute attacks in the future in India.”

Long-Term Investigation

Necurs was first discovered by Microsoft in 2012, when the company’s Digital Crimes Unit teamed with BitSight and other security companies. Since then, Redmond has been working on disrupting the botnet.

In 2017, Necurs was used to deliver 12.5 million emails loaded with the Scarab ransomware. The emails read ‘Scanned from HP/Lexmark/Canon’, and has a 7zip file attached.

As in previous iterations, a VBScript file is contained in that file, and the code has several Game of Thrones references. The script mentions Samwell, Jon Snow, and more. Once the payload is delivered, this variant drops a copy of itself, sevnz.exe, in the app data folder.

Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x