E9 Trojan Necurs [Video]
Video uploaded by xiaojun ODU on June 3, 2015
Necurs Botnet: Halloween’s Nightmare of Malicious Spam
With Halloween right around the corner, we are seeing all kinds of scary stories and images around our neighborhoods. Unfortunately, there has recently been a release of something truly terrifying, and it isn’t as innocent as a stuffed spider hanging on your neighbor’s house. It might even be lurking in your own home and on your electronic devices without you having a clue.
If you are familiar with any of the vicious malware out there today, chances are, you’re very familiar with the infamous Necurs Botnet. Emerging in late 2012, Necurs made itself known after it had infected over 83,000 devices worldwide. It was clear from the very beginning that the people behind this hidden malware not only knew exactly what they were doing but were also well versed in the security operations and how to code it in order to avoid detection.
Over the next couple of years, Necurs came alongside the bank credential stealing malware, Game Over Zeus not only took hold and invaded each device as well as the owner’s banking information (to use at a later time), but allowed Necurs to hide itself so that either virus was not able to be uninstalled. Game Over Zeus was finally caught by law enforcement in late 2014, but by then, Necurs had come alongside another very well-known virus, Cryptolocker. This particular virus encrypted files on personal as well as business devices, making the files useless unless a ransom was paid. The makers made an estimated 30 million dollars in less than 100 days of releasing the virus and extorting the businesses that fell prey to it.
In 2016, Necurs had a new partnership with yet another banking Trojan, called Dridex. Dridex became one of the top malware threats of its day, especially to the banks that it targeted and stole millions of dollars from in each attack. The botnet as well as it’s makers have come across a few road bumps since then, but now in late 2017, they have rallied the troops and introduced a new version as well as some frightening new capabilities.
It has been discovered that the people behind Necurs can now quietly grab a screenshot of an infected device and sends these images back to a remote server. Not only are they able to take screenshots, but they are also able to closely follow any errors that might occur during the download or functionality of the infected device. Essentially, the developers are hoping to see ways to “improve” the effectiveness of their virus and by seeing what the user sees, makes it much easier to do.
These are indeed scary times when ransomware and botnets can exert such control over your computers and bank accounts. The developers of Necurs have put a lot of time into writing the code so that it can’t be detected, and it lives in the very core of your computer. If you have become infected with this or any other virus, you can very well lose your device completely. We hope that this doesn’t happen to you, but remember that if there comes a day that you need to sell your infected or broken device, iGotOffer can help you regain a little of the cost and a bit of your dignity. We will buy your devices, even if they don’t work and pay you top dollar for them. If something this detrimental happens to you, there is at least a silver lining that will allow you to purchase something new and start over. Follow our blogs about how to avoid these malicious viruses so that hopefully these problems will never be able to affect your device in the first place.
Links
- Necurs: Mass mailing botnet returns with new wave of spam campaigns – Symantec Connect Community
- Thinking to sell your old computer? iGotOffer is the best place to sell desktops, laptops and other devices online.
- Everything About Apple’s Products – The complete guide to all Apple consumer electronic products, including technical specifications, identifiers and other valuable information.
- Everything About Microsoft’s Products – The complete guide to all Microsoft consumer electronic products, including technical specifications, identifiers and other valuable information.
Facebook
Twitter
RSS