Microsoft Orchestrates Coordinated Takedown of Necurs Botnet (zdnet.com) 15
Microsoft announced today a coordinated takedown of Necurs, one of the largest spam and malware botnets known to date, believed to have infected more than nine million computers worldwide. From a report: The takedown effort came after Microsoft and industry partners broke the Necurs DGA -- the botnet's domain generation algorithm, the component that generates random domain names. Necurs authors register DGA-generated domains weeks or months in advance and host the botnet's command-and-control (C&C) servers, where bots (infected computers) connect to receive new commands. "We were then able to accurately predict over six million unique domains that would be created in the next 25 months," said Tom Burt, Microsoft Vice President for Customer Security & Trust. Breaking the DGA allowed Microsoft and its industry partners to create a comprehensive list of future Necurs C&C server domains that they can now block and prevent the Necurs team from registering.
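Why a broken DGA lets defenders get ahead of the botnet, as an added example that is not from the article or from Microsoft: the generator below is a hypothetical date-seeded toy (not the Necurs algorithm), and the TLD list, log format and addresses are constructed. Because the output is deterministic, the future domain list can be computed in advance and matched against DNS logs to find infected clients.

```python
import hashlib
from datetime import date, timedelta

TLDS = ("com", "net", "org")  # constructed TLD set for the toy generator


def toy_dga(day: date, index: int) -> str:
    """Hypothetical date-seeded DGA (assumption; NOT the Necurs algorithm)."""
    digest = hashlib.sha256(f"{day.isoformat()}:{index}".encode()).digest()
    label = "".join(chr(ord("a") + b % 26) for b in digest[:12])
    return f"{label}.{TLDS[digest[12] % len(TLDS)]}"


def predict(start: date, days: int, per_day: int) -> dict:
    """Precompute every domain the generator emits in the window.

    Returns {domain: first date on which bots would try it}.
    """
    predicted = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for index in range(per_day):
            predicted.setdefault(toy_dga(day, index), day)
    return predicted


def flag_queries(log_lines, predicted):
    """Return (client, domain, active_from) for queries to predicted domains."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:  # skip malformed lines
            continue
        _, client, qname = parts
        domain = qname.rstrip(".").lower()  # DNS names are case-insensitive
        if domain in predicted:
            hits.append((client, domain, predicted[domain]))
    return hits


# Constructed sample: 30 days x 8 domains, and a three-line DNS query log.
PREDICTED = predict(date(2020, 3, 10), days=30, per_day=8)
BOT_DOMAIN = toy_dga(date(2020, 3, 12), 3)
SAMPLE_LOG = [
    "2020-03-12T08:01:44Z 10.0.0.17 www.example.com.",
    f"2020-03-12T08:01:45Z 10.0.0.23 {BOT_DOMAIN.upper()}.",
    "2020-03-12T08:01:46Z 10.0.0.23 updates.example.net.",
]

if __name__ == "__main__":
    for client, domain, active_from in flag_queries(SAMPLE_LOG, PREDICTED):
        print(f"{client} queried predicted C&C domain {domain} (active from {active_from})")
```

The same precomputed list serves both uses the summary mentions: a resolver blocklist or sinkhole, and a request to registries to keep those names from being registered.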
Hosted by Windows (Score:1)
How can 3.8 million emails (Score:2)
go to 40.6 million victims? Or did each victim get 3.8 million emails?
Re: (Score:2)
go to 40.6 million victims?
Have you never sent an e-mail with more than one recipient?
I don't get it. (Score:2)
What does this have to do with coronavirus?
I have been saying for a long time (Score:2)
That the domain registration fee for a new domain needs to be about $1,000.00 and needs to INCREASE by a factor of 10 for each additional domain that you want to register. And the registration should only become active after the payment irreversibly clears the payment system.
Then these assholes would not be able to afford to register thousands of domain names. They would be bankrupt and out of business.
Re: (Score:2)
That the domain registration fee for a new domain needs to be about $1,000.00 and needs to INCREASE by a factor of 10 for each additional domain that you want to register. And the registration should only become active after the payment irreversibly clears the payment system.
Then these assholes would not be able to afford to register thousands of domain names. They would be bankrupt and out of business.
The six million domain names they were planning on registering over a period of two years amounts to an eight-figure expense at cheap rates. If said "assholes" can afford that, then there's a damn good chance they can afford 10x of that. Ransomware is predicted to cost business over $6 trillion by 2021, so don't assume bankruptcy would be a realistic threat even if your plan came to fruition.
Re: (Score:2)
Ransomware is predicted to cost business over $6 trillion by 2021, so don't assume bankruptcy would be a realistic threat even if your plan came to fruition.
cost of having ransomware != profit from distributing ransomware
I can only assume whatever source you are referring to is assessing lost productivity along with ransom payments.
Is it really a takedown? (Score:2)
By taking control of existing websites and inhibiting the ability to register new ones, we have significantly disrupted the botnet.
Why Were Anti-Microsoft Posts Demoted? (Score:2)
This is why you turn on telemetry (Score:1)
This is how they estimate the number of infected clients and trace it back to a source so that they can begin their campaign. I call this a win for the people willing to share a little bit of info to benefit the masses.