Saturday, December 14, 2024
HomeSecurity NewsBeware!! 230 Million Necurs Botnet Sending as Valentine's Day Dating Spam Messages...

Beware!! 230 Million Necurs Botnet Sending as Valentine’s Day Dating Spam Messages With Malware

Published on

SIEM as a Service

Necurs bot which is one of the biggest bot and well know for distributing Ransomware, spam emails and bank bots. In the past, it is responsible for spreading various ransomware like JAFF Ransomware, banking trojan. In the current campaign, it sends Valentine’s Day Spam Messages.

With its current campaign Necurs sents more than 230 million dating spam messages and it started in the mid of January 2018 and ended on Feb. 3.

Security researchers from IBM X-Force tracked the spam campaign, it sents more than 30 million emails a day, the current campaign delivers short email blurbs from supposed Russian women living in the U.S. While typical spam email is notorious for bad spelling and grammar, these samples are rather well-worded.

The first campaign started on Jan. 16 and ran up to Jan. 18, next wave from Jan. 27 and died on Feb 3.

- Advertisement - SIEM as a Service

Also read Necurs Spam Botnet Back in Business Spreading Scarab Ransomware

Researchers said the campaign targetting the users of Facebook or Badoo, based on the messages indicated. The bot uses more than 950,000 IP’s to deliver Valentine’s Day Spam messages.

Valentine's Day Spam

Spam emails contain only the basic text, which may not convince many people. The top spam-sending IP is hosted via a Pakistani-based ISP and it sents more than 655 times.

Valentine's Day Spam

More than 55% of IPs that involved in sending spam messages hosted in India and Vietnam. Attackers continuously changing IP address to avoid blacklists and blocking.

Botnets always keep on changing the methods they spread and always keep finding new ways by varying file types and email policies.

How to stay safe – Valentine’s Day Spam

1. Have a unique Email address.
2. Do not open any attachments without proper validation.
3. Don’t open emails voluntary emails.
4. Use Spam filters & Antispam gateways.
5. Never respond to any spam emails.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

“Password Era is Ending,” Microsoft to Delete 1 Billion Passwords

Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every...

Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit

The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks...

Reyee OS IoT Devices Compromised: Over-The-Air Attack Bypasses Wi-Fi Logins

Researchers discovered multiple vulnerabilities in Ruijie Networks' cloud-connected devices. By exploiting these vulnerabilities, attackers...

New Android Banking Malware Attacking Indian Banks To Steal Login Credentials

Researchers have discovered a new Android banking trojan targeting Indian users, and this malware...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Poison Ivy APT Launches Continuous Cyber Attack on Defense, Gov, Tech & Edu Sectors

Researchers uncovered the resurgence of APT-C-01, also known as the Poison Ivy group, an...

Hackers Can Secretly Access ThinkPad Webcams by Disabling LED Indicator Light

In a presentation at the POC 2024 conference, cybersecurity expert Andrey Konovalov revealed a...