Bitsight and Microsoft Disrupt Necurs Botnet

But roughly 2 million infected systems remain in the wild, and infected systems could be reactivated at any time.

Dark Reading Staff, Dark Reading

March 11, 2020

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Bitsight and Microsoft have taken joint action against the Necurs botnet, analyzing the client software and disrupting the command-and-control (C&C) infrastructure. Necurs has been one of the largest botnets since it was first detected in 2012.

Necurs is known as a "dropper" botnet, acting as a carrier for malware including GameOver Zeus, Dridex, Locky, and Trickbot. According to researchers, 11 Necurs botnets were identified, with the four largest responsible for 95% of the total infections.

While the two companies say they have disrupted some known C&C servers, they estimate that roughly 2 million infected systems remain in the wild and note that infected systems could be reactivated at any time. Bitsight and Microsoft are passing signatures and other information to other security professionals in the hope that many of the infected systems can be cleaned before any reactivation occurs.

For more, read here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "Keys to Hiring Cybersecurity Pros When Certification Can't Help."

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights