Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide

necurs botnet takedown

Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure.

The latest botnet takedown was the result of a coordinated operation involving international police and private tech companies across 35 countries.

The operation was conducted successfully after researchers successfully broke the domain generation algorithm (DGA) implemented by the Necurs malware, which helped it remain resilient for a long time.

DGA is basically a technique to unpredictably generate new domain names at regular intervals, helping malware authors to continuously switch the location of C&C servers and maintain undisrupted digital communication with the infected machines.

“We were then able to accurately predict over six million unique domains that would be created in the next 25 months. Microsoft reported these domains to their respective registries in countries around the world so the websites can be blocked and thus prevented from becoming part of the Necurs infrastructure,” Microsoft said.

Additionally, with the help of court orders, Microsoft has…

http://feedproxy.google.com/~r/TheHackersNews/~3/44ubAc5lyOY/necurs-botnet-takedown.html

Have a comment? Type it below!