Microsoft disrupts world’s most active botnet

Microsoft and partners from 35 countries have succeeded in disrupting the world’s most dangerous botnet, Necurs, which the company says had infected more than 9 million computers.
After eight years of preparation, the software giant and partners undertook coordinated legal and technical measures to disrupt access to the botnet, Microsoft corporate vice-president Tom Burt wrote in a blog post.
Burt said Microsoft had succeeded in locking criminals out of key elements of the infrastructure needed to conduct cyber attacks. Botnets are made up of a network of many hacked devices. The malware they rely on can infect personal computers but also smart Internet-connected devices such as household electronics.
Necurs, the most active botnet world wide, is one of the largest generators of spam emails, with victims in nearly every country.
During the Microsoft-led investigation into the botnet, one infected computer was observed sending out 3.8 million spam emails to more than 40.6 million potential victims over a period of 58 days.
Necurs is believed to be operated from Russia.
It is also been implicated in so-called pump-and-dump stock scams,where investments in certain stocks are hyped up in order to artificially inflate the price to the benefit of the scammers.
Necurs has also been used to attack other computers, steal online account details, personal information and confidential data, Burt said.
Criminals were also thought to be selling or renting out access to the infected devices to other cyber criminals as part of a”botnet-for-hire” service.
The decisive blow came on March 5 after Microsoft received an order allowing it to take control of US-based infrastructure used by Necurs to distribute malware and infect devices.