Microsoft-Led Coalition Successfully Disables Notorious Necurs Botnet

The Washington-based tech giant explained that its Digital Crimes Unit had partnered with cybersecurity firm BitSight and other entities from 35 countries to take down the cyber criminals.

Microsoft orchestrates coordinated takedown of Necurs botnet https://t.co/IAcs6CbSyc

— ZDNet (@ZDNet) March 11, 2020

A Sigh of Relief for Millions

Necurs is one of the most prolific cybercrime networks in the world, perfecting its craft over the years by using computers as endpoints to distribute malware and other dangerous material. Reports have suggested that the botnet was responsible for up to 90% of the world’s email-distributed malware between 2016 and 2019, infecting as many as 9 million devices along the way. The scale of the Necurs operation was quite extensive, as Microsoft explained. The firm pointed out that in its investigations, the botnet had sent some to almost every country in the world; one particular device sent up to 3.8 million emails and potentially affected more than 40 million devices along the way. The operators behind the botnet are thought to be Russian. They are known to have used their platforms to expand their nefarious campaigns while also renting it out to others to wreak havoc on the internet. Microsoft confirmed that they killed the botnet by disabling more than 6 million domains that the botnet would have automatically manufactured to expand its operations and keep itself hidden.

Still Much Work to be Done

The war against cybercrime is one that has proven rather tricky over the past few years, particularly due to malware owners’ penchant for innovation in the face of crackdowns. Today, we have malware that can evade a computer’s task manager and ransomware that immediately encrypts the content of a computer upon infiltration. While countermeasures have also improved, these actors have done a good job of sophisticating their operations to adapt and survive – just like biological viruses. As for Microsoft, the tech giant has had a rather busy month. Earlier this week, the firm released bug patches for 115 bugs, with CVEs that patched just about everything the company has to offer – from its Office suite and its Chromium-based Edge browser to the Windows operating system itself.

Unpatched Microsoft Exchange Servers continue to be vulnerable to an #RCE vulnerability (CVE-2020-0688). Don’t let an attacker take control of your server. Patch now! https://t.co/CzH1GKxpRy #Cyber #Cybersecurity #InfoSec @NSAGov

— US-CERT (@USCERT_gov) March 10, 2020

Analyses of some of the bugs – of which 26 were termed critical – explained that the vulnerabilities could allow hackers to run malicious code straight into users’ computers, thus affecting various functions that the computers operate.