Tuesday, September 10, 2024
HomeSecurity NewsBeware!! 230 Million Necurs Botnet Sending as Valentine's Day Dating Spam Messages...

Beware!! 230 Million Necurs Botnet Sending as Valentine’s Day Dating Spam Messages With Malware

Published on

Necurs bot which is one of the biggest bot and well know for distributing Ransomware, spam emails and bank bots. In the past, it is responsible for spreading various ransomware like JAFF Ransomware, banking trojan. In the current campaign, it sends Valentine’s Day Spam Messages.

With its current campaign Necurs sents more than 230 million dating spam messages and it started in the mid of January 2018 and ended on Feb. 3.

Security researchers from IBM X-Force tracked the spam campaign, it sents more than 30 million emails a day, the current campaign delivers short email blurbs from supposed Russian women living in the U.S. While typical spam email is notorious for bad spelling and grammar, these samples are rather well-worded.

The first campaign started on Jan. 16 and ran up to Jan. 18, next wave from Jan. 27 and died on Feb 3.

- Advertisement - EHA

Also read Necurs Spam Botnet Back in Business Spreading Scarab Ransomware

Researchers said the campaign targetting the users of Facebook or Badoo, based on the messages indicated. The bot uses more than 950,000 IP’s to deliver Valentine’s Day Spam messages.

Valentine's Day Spam

Spam emails contain only the basic text, which may not convince many people. The top spam-sending IP is hosted via a Pakistani-based ISP and it sents more than 655 times.

Valentine's Day Spam

More than 55% of IPs that involved in sending spam messages hosted in India and Vietnam. Attackers continuously changing IP address to avoid blacklists and blocking.

Botnets always keep on changing the methods they spread and always keep finding new ways by varying file types and email policies.

How to stay safe – Valentine’s Day Spam

1. Have a unique Email address.
2. Do not open any attachments without proper validation.
3. Don’t open emails voluntary emails.
4. Use Spam filters & Antispam gateways.
5. Never respond to any spam emails.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Chinese Hackers Using Open Source Tools To Launch Cyber Attacks

Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a...

Small Business, Big Threats: INE Security Launches Initiative to Train SMBs to Close a Critical Skills Gap

As cyber threats grow, small to medium-sized businesses (SMBs) are disproportionately targeted. According to...

Researchers Details Attacks On Air-Gaps Computers To Steal Data

The air-gap data protection method isolates local networks from the internet to mitigate cyber...

Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive

In August 2024, researchers detected a malicious Google Chrome browser infection that led to...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Critical PDF.js & React-PDF Vulnerabilities Threaten Millions Of PDF Users

A new critical vulnerability has been discovered in PDF.js, which could allow a threat...

LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely From Any Browser, Anywhere

LayerX, pioneer of the LayerX Browser Security platform, today announced $24 million in Series...

Email Header Analysis – Verify Received Email is Genuine or Spoofed

Email Header Analysis highly required process to prevent malicious threats since Email is...