A cybersecurity firm has revealed it has blocked as many as 47 million emails per day spewed by the Necurs Botnet during the holiday season.
Necurs is a for-rent botnet that has, over the years, been used for DDoS attacks, pump-n-dump stock spam, malware created by professional cybercriminal gangs and more. The botnet is said to control up to 65 million compromised machines in total, with 1-2 million active at any given time.
It utilizes a kernel-mode driver to create a backdoor allowing remote access and control of the infected computer. This allows the operators to download malware, hide components from detection, and stop security applications from functioning properly.
On December 19, the firm’s filters stopped a total of 45,976,814 malicious emails sent by the botnet. At peak traffic, filters caught a mammoth 4.6 million emails per hour, all of which were 7-Zip files containing malicious Visual Basic scripts.
The researchers hypothesized that operators behind the ransomware campaign could have been testing and/or monitoring the rate of infections before realizing that most of their targets were away on vacation.