Massive botnet suddenly shifts focus to hacking banks
The vaunted Necurs botnet — a network of millions of hacked computers that do the bidding of criminals — suddenly shifted its focus this morning: Normally it sends consumers spam email pushing pharmaceuticals and penny stocks, but now it's conducting a more targeted phishing campaign to hack into bank networks, according to new research by Cofense.
Why it matters: Necurs is one of the largest spamming operations in the world, representing 60% of spam sent from botnets. That's a large operation to pivot — and almost certainly not one to change focus without some major goal in mind.
What happened? Cofense infects its own computers with botnet malware to keep tabs on what the botnets are doing. "Until yesterday, we were seeing subjects like '67% off pills.' This morning at 7 am, it entirely changed to subjects like 'Payment advice,' said Aaron Higbee, chief technology officer at Cofense.