Necurs botnet

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

The Necurs botnet is a distributor of many pieces of malware, most notably Locky.


Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state.[1] In late March, 2017, the botnet began to send spam emails as part of a pump and dump scam.[2][3]

Distributed malware[4][edit]

See also[edit]