THE END OF NECURS ATTACKS!

The Microsoft Cyber Security Team has been analyzing malware through reverse engineering since 2017, and has worked extensively, in collaboration with partners, to map the command-and-control infrastructure of the Necurs malware. Necurs was first detected in 2012 and was found to have infiltrated more than 83,000 computers worldwide in two months. Malware that spread so fast had not been encountered before. Structurally, the Necurs botnet is compared to a Trojan horse: it reaches your computer through spam or an e-mail that seems harmless, and then multiplies. Necurs is also considered the ancestor of many malware families, such as GameOver Zeus, Dridex, Locky, and Trickbot.

In 2013, Necurs botnets were replaced by GameOver Zeus. With GameOver Zeus, Necurs shifted into second gear and started using the Upatre installer to make way for it. By the end of 2014, cyber security teams had worked out how the GameOver Zeus botnet operated and eliminated this malware. However, the Necurs botnet's new trump card was ready: the CryptoLocker ransomware. CryptoLocker was one of the most famous ransomware families at the time and made an estimated $30 million in illegal profit in just 100 days. Following the rapidly rising ransomware trend in 2015, Necurs continued to distribute crypto-ransomware that year, sometimes through well-known exploit kits such as Magnitude and Angler. In 2016, a new page opened in Necurs operations: it started using millions of powerful botnets as spam infrastructure. From 2016 to 2019, Necurs was the most important method criminals used to spread spam and malware, and it was responsible for 90% of the malware spread worldwide by email.

The botnet spreads through email attachments or through malware that sends spam to the victim's system. After entering a system, Necurs disables a large number of security applications, including Windows Firewall, to protect both itself and other malware on the infected system. It uses kernel-mode rootkit features. Necurs is modular; more specifically, it allows its operators to change the way it works over time. This modularity makes Necurs difficult to trace.

Bitsight conducted research on the Necurs botnets as a result of its partnership with the Microsoft Cyber Security teams. The research identified 11 Necurs botnets, 4 of which caused 95% of the attacks. Necurs interrupted its attacks from time to time. Unexpectedly, its attacks slowed down from March 2019 to 2020. Even in this waiting period, it infected 2000 million botnet systems.

The chart below shows the 5 countries most affected by the Necurs botnets during the first seven days of March 2020. This data is only what reached Bitsight's systems, so these figures are a small part of the true picture.

[Chart: the 5 countries most affected by Necurs botnets, first seven days of March 2020]

Microsoft and its partners in 35 countries took coordinated legal and technical steps to disrupt Necurs, one of the world's most productive botnets, which has infected more than nine million computers worldwide. After eight years of monitoring and planning, as described above, they managed to bring the botnet under control. On Thursday, March 5, the U.S. District Court for the Eastern District of New York issued an order that allowed Microsoft to take control of the US-based infrastructure used by Necurs to distribute malware. This was accomplished through a collaborative effort involving legal action and public-private partnerships around the world. The Microsoft Cyber Security team is leading efforts that will prevent the criminals behind Necurs from registering new domains for future attacks. As a result of these measures, cyber criminals will no longer be able to use the basic elements of the infrastructure they used to carry out their attacks.

The Microsoft Cyber Security Team took major measures today to combat cyber criminals. However, cyber criminals will find new techniques to continue their illegal gains. It is imperative that you invest in information security to protect your company's data and to avoid falling into the ransom net of cyber attackers.
