Necurs botnet

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

The Necurs botnet is a distributor of many pieces of malware, most notably Locky.

Reports

Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state.^[1]^[2]

In a 2020 report, it was noted to have particularly targeted India, Southeast Asia, Turkey and Mexico.^[3]

Distributed malware^[4]

References

^ French, Jon (27 June 2016). "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.
^ "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.
^ "Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide". The Hacker News.
^ "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

This malware-related article is a stub. You can help Wikipedia by expanding it.

[ISB-1] French, Jon (27 June 2016). "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.

[DYN-2] "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.

[3] "Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide". The Hacker News.

[ITPRO-4] "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

[1]

Reports

Distributed malware[4]

See also

References

Distributed malware^[4]