Necurs Campaign Targets Banks
August 20, 2018 / Ionut Arghire
A recently observed spam campaign powered by the infamous Necurs botnet has been specifically targeting banks with the FlawedAmmyy RAT, security researchers warn. First observed in 2012, the Necurs botnet is best known for the massive Locky ransomware campaigns that it powered in 2016 and 2017. Considered the largest spam botnet in the world, Necurs was sending tens of millions of emails daily at the end of last year. The botnet has managed to remain active by employing multiple Domain Generation Algorithms (DGA’s) and a peer-to-peer communication protocol, along with. bit domain names, Cofense’s researchers report. Over the past weeks, it has also shown an increase in activity, the security firm notes. Last week, Necurs started sending spam emails that appeared highly targeted at the banking industry, and Cofense says that over 3,700 bank domains were targeted as recipients.