Microsoft announced to have taken over the US-based infrastructure used by the Necurs
The operation saw
According to the experts, the botnet was used to send out roughly 3.8 million spam messages to more than 40.6 million targets during a 58-day long investigation.
The Necurs botnet is active since at least 2012, it is operated by the cybercrime gang tracked as TA505.
“Today, Microsoft and partners across 35 countries took coordinated legal and technical steps to disrupt one of the world’s most prolific
“On Thursday, March 5, the U.S.
The operation will prevent Necurs operators from registering new domains to employ in their malicious campaigns.
The experts were able to determine the algorithm used by the
Microsoft revealed that it has also collaborated with Internet Service Providers (ISPs) and other industry partners to help detect and sanitize infected computers.
“This remediation effort is global in scale and involves collaboration with partners in industry, government and law enforcement via the Microsoft Cyber Threat Intelligence Program (CTIP),” concludes Microsoft.
“For this disruption, we are working with ISPs, domain registries, government CERTs and law enforcement in Mexico, Colombia, Taiwan, India, Japan, France, Spain, Poland and Romania, among others.”
(SecurityAffairs – malware, Necurs botnet)