Microsoft Disrupts Botnet That Infected Over 9 Million Computers Worldwide

A botnet is a network of computers that a cybercriminal has infected with malicious software, or malware.

Advertisement
By Indo-Asian News Service | Updated: 11 March 2020 17:24 IST
Highlights
  • The botnet is called Necurs
  • It has infected more than nine million computers globally
  • Necurs is believed to be operated by criminals based in Russia
Microsoft Disrupts Botnet That Infected Over 9 Million Computers Worldwide

A botnet is a network of computers that a cybercriminal has infected with malicious software

After eight years of tracking and planning, Microsoft and its partners across 35 countries have now taken coordinated legal and technical steps to disrupt one of the world's most prolific botnets, called Necurs, which has infected more than nine million computers globally. Necurs is believed to be operated by criminals based in Russia, Microsoft said on Tuesday.

This disruption will help ensure the criminals behind this network are no longer able to use key elements of its infrastructure to execute cyber-attacks.

A botnet is a network of computers that a cybercriminal has infected with malicious software, or malware.

Once infected, criminals can control those computers remotely and use them to commit crimes.

Advertisement

Microsoft's Digital Crimes Unit, BitSight and others in the security community first observed the Necurs botnet in 2012 and have seen it distribute several forms of malware, including the GameOver Zeus banking trojan.

The Necurs botnet is one of the largest networks in the spam email threat ecosystem, with victims in nearly every country in the world.

Advertisement

"During a 58-day period in our investigation, for example, we observed that one Necurs-infected computer sent a total of 3.8 million spam emails to over 40.6 million potential victims," Tom Burt, Microsoft's Corporate Vice President for Customer Security & Trust wrote in a blog post.

Necurs has also been used for a wide range of crimes including pump-and-dump stock scams, fake pharmaceutical spam email and "Russian dating" scams.

Advertisement

It has also been used to attack other computers on the Internet, steal credentials for online accounts, and steal people's personal information and confidential data.

Interestingly, it seems the criminals behind Necurs sell or rent access to the infected computer devices to other cybercriminals as part of a botnet-for-hire service.

Necurs is also known for distributing financially targeted malware and ransomware, cryptomining, and even has a DDoS (distributed denial of service) capability that has not yet been activated but could be at any moment.

On March 5, the US District Court for the Eastern District of New York issued an order enabling Microsoft to take control of US-based infrastructure Necurs uses to distribute malware and infect victim computers.

"With this legal action and through a collaborative effort involving public-private partnerships around the globe, Microsoft is leading activities that will prevent the criminals behind Necurs from registering new domains to execute attacks in the future," Burt said.

This was accomplished by analysing a technique used by Necurs to systematically generate new domains through an algorithm.

"We were then able to accurately predict over six million unique domains that would be created in the next 25 months," Burt said.

Microsoft reported these domains to their respective registries in countries around the world so the websites can be blocked and thus prevented from becoming part of the Necurs infrastructure.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Microsoft
Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo Y400 Pro 5G: Everything We Know Ahead of India Launch on June 20
  2. Oppo Reno 14 5G, Reno 14 Pro 5G India Launch Timeline Leaked
  3. Poco F7 5G to Be Equipped With a Snapdragon 8s Gen 4 SoC
  4. Vodafone Idea to Bring Direct-to-Device Satellite Connectivity to India
  5. Vivo T4 Ultra Now Available for Purchase in India: See Price, Offers
  6. BSNL Announces Name of Its 5G Service in India
  7. Infinix Note 50s 5G+ Gets a New RAM and Storage Option in India: See Price
  1. OnePlus Bullets Wireless Z3 With 12.4mm Drivers, Up to 36 Hours of Battery Life Launched in India
  2. Microsoft Planning Thousands More Job Cuts Aimed at Salespeople
  3. Vivo T4 Lite 5G India Launch Date Announced; to Feature MediaTek Dimensity 6300 SoC
  4. Coinbase Launches Stablecoin Payments Service for E-Commerce
  5. Iran Crypto Exchange Nobitex Hit by Hackers, $90 Million Destroyed
  6. Vodafone Idea Partners With AST SpaceMobile to Bring Direct-to-Device Satellite Connectivity to India
  7. Microsoft Said to Be Prepared to Abandon High-Stakes Talks with OpenAI
  8. Stellar Blade's Nintendo Switch 2 Port Reportedly in Development After Successful PC Launch
  9. Vivo X Fold 5 Dimensions Confirmed Ahead of June 25 Launch; Charging Capacity Revealed
  10. Apple's Foldable iPhone to Enter Production Later This Year, Components Not Finalised: Ming-Chi Kuo
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.