Necurs botnet

The Necurs botnet is a distributor of many pieces of malware, most notably Locky.

Reports

Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state.^[1] In late March, 2017, the botnet began to send spam emails as part of a pump and dump scam.^[2]^[3]

Distributed malware^[4]

Bart
Dridex
Locky
RockLoader
Globeimposter

References

↑ French, Jon. "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.
↑ "Necurs Botnet Shifts from Ransomware to Pump-and-Dump Scam". Retrieved 22 Mar 2017.
↑ "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.
↑ "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[ISB-1] French, Jon. "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.

[BIS-2] "Necurs Botnet Shifts from Ransomware to Pump-and-Dump Scam". Retrieved 22 Mar 2017.

[DYN-3] "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.

[ITPRO-4] "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.

Necurs botnet

Reports

Distributed malware[4]

See also

References

Distributed malware^[4]