Microsoft Cyber Security Team has been performing malware analysis with reverse engineering method since 2017. The Cyber Security Team has worked extensively with the collaboration to resolve the infrastructure of the Necurs malware control-command system. Necurs was first detected in 2012, and was detected to have infiltrated more than 83,000 computers worldwide in two months. Previously, malware that spread so fast has not been encountered. Necurs Botnets are structurally compared to the Trojan horse. It connects to your computer with a spammy or e-mail that seems harmless and multiplies. Necurs; GameOver is also considered the ancestor of many malware such as Zeus, Dridex, Locky, Trickbot.
In 2013, Necurs Botnets were replaced by Game over Zeus. With Game over Zeus, Necurs shifted to second gear and started using the Upatre installer to make way for him. By the end of 2014, Cyber Security teams resolved the operation system of Game over Zeus botnet and eliminated this malware. However, Necurs Botnet's new trump card family was ready: Crypto Locker ransomware. Crypto Locker was one of the most famous ransomware codes at the time and made an estimated $ 30 million illegal profit in just 100 days. Following the rapidly rising ransomware trend in 2015, Necurs continued to distribute crypt-ransom ware that year, sometimes through well-known exploit kits such as Magnitude and Angler. In 2016, it opened a new page in Necurs operations. He started using millions of powerful Botnets as spam infrastructure. From 2016 to 2019, the most important method of spreading spam and malware by criminals was Nercus and was responsible for 90% of malware spread worldwide by email.
Botnets are transmitted through email attachments or malware that send spam to the victim's system.After entering a system, Necurs disables a large number of security applications, including Windows Security Wall, to protect both itself and other malware in the infected system. kernel mode uses rootkit features to leave. Necurs are modular, more specifically, it allows operators to change the way they work over time. The fact that Necurs is modular makes traceability difficult.
Bitsight conducted a research on Necurs Botnets as a result of its partnership with Microsoft Cyber Security teams. They determined 11 Necurs Bonet during the research. 4 of them caused 95% of the attacks. Necurs interrupted his attacks from time to time. Unexpectedly, his attacks slowed down from March 2019 to 2020. Even in this waiting period, the system infected 2000 million Botnet systems.
In the chart below, we shared the 5 countries most affected by Necurs Botnets for the first seven days of March 2020. This data is the information that reaches Bitsight's system. Normally, you can see that these figures are a small part of the truth.
Microsoft and its partners in 35 countries took coordinated legal and technical steps to disrupt one of the world's most productive Botnets, called Necurs, that infect more than nine million computers worldwide. After eight years of monitoring and planning as above, it managed to keep the Botnets under control. On Thursday, March 5; New York's East District US District Court issued an order that allowed Microsoft to control the US-based infrastructure used by Necurs to distribute malware. This was accomplished through a collaborative effort involving legal action and public-private partnerships around the world. Microsoft Cyber Security team is pioneering activities that will prevent criminals behind Necurs from registering new domains for future attacks. These measures caueses cyber criminals will no longer be able to use the basic elements of their infrastructure used to carry out their attacks.
The Microsoft Cyber Security Team took major measures today to combat cyber criminals. However, cyber criminals will find new techniques to continue their illegal acquisitions. It is imperative that you invest in information security to protect your company's data and not to fall into the ransom network of cyber attackers.
Check out our cyber security trainings to take cyber security measures!
For further information contact us:
info@bilginc.com
+90 212 282 77 00
Set out on an exhilarating tech tour through New Zealand's breathtaking landscapes, where opportunity and innovation combine. New Zealand provides a fertile environment for IT enthusiasts to flourish, from the urban buzz of Auckland to the bustling cultural scene of Wellington, and the stunning beauty of Christchurch and beyond. We provide a wide variety of IT courses at our academy to provide you the knowledge and abilities you need to succeed in this fast-paced field. Explore the most recent developments in cloud computing, delve into the world of programming, become an expert in cybersecurity, or grasp the power of data analytics. You will receive top-notch training that is specifically adapted to the needs of the New Zealand IT scene thanks to the extensive industry expertise and practical experience our knowledgeable professors bring to the classroom. Join our community of enthusiastic learners, work together on engaging projects, and establish connections that can advance your career. In the heart of New Zealand's magnificent landscapes, we're here to help you design your IT future with flexible learning options and a dedication to your success.