The Necurs botnet is a distributor of many pieces of malware, most notably Locky.
Around June 1, 2016, the botnet went offline, perhaps due to a glitch in the command and control server running Necurs. However, three weeks later, Jon French from AppRiver discovered a spike in spam emails, signifying either a temporary spike in the botnet's activity or return to its normal pre-June 1 state. In late March, 2017, the botnet began to send spam emails as part of a pump and dump scam.
- French, Jon. "Necurs BotNet Back With A Vengeance Warns AppRiver". Retrieved 27 June 2016.
- "Necurs Botnet Shifts from Ransomware to Pump-and-Dump Scam". Retrieved 22 Mar 2017.
- "Pump and dump spam: Incapta Inc (INCT)". Retrieved 22 Mar 2017.
- "Hackers behind Locky and Dridex start spreading new ransomware". Retrieved 27 June 2016.
|This malware-related article is a stub. You can help Wikipedia by expanding it.|