Necurs Malware Wants a Selfie With Your Desktop

  /     /     /  
Publicated : 22/11/2024   Category : security


Necurs Malware Wants a Selfie With Your Desktop


Necurs has returned and this time its carrying a payload that takes a picture of your desktop.



Its time to check your spam-blockers again because Necurs is back in town. This time its bringing a new ransomware payload and a way to check on your defenses.
Necurs is one of the more notorious botnets out there, but its been relatively quiet for several months. Now, though, its back with a vengeance and it has some new arrows in its quiver of bad news. The first arrow is a downloader that takes
screen-grabs of an infected desktop
to see whether anti-malware efforts are underway.
Researchers from Symantec note that this intelligence-gathering effort is notable because it goes against the trend of most malware-delivery systems. In most cases, the delivery software plants a malicious payload on the receiving system then disappers as quickly as possible. Stealth is the operating model. In this case, though, the attackers have decided its worth the risk of being discovered to gain intelligence on what victims might be doing to try to rid themselves of the problem.
The problem can be severe in this case, since the most common payload in the new wave of attacks is ransomware called
Locky
or an additional malware downloader called
Trickybot
.
In almost all cases, Necurs is coming copmliments of an attached file with instructions like Print Me or Invoice Attached. Up-to-date malware detection systems should recognize the malware, so its important for companies to keep systems updated and remind employees that opening attachments that are unexpected or from unknown senders is almost never a good idea.
Related posts:
CoinHive Mines New Malware Potential
Rowhammer Attack Pounds With Precision
Simple Steps to Online Safety for Cybersecurity Awareness Month
— Curtis Franklin is the editor of
SecurityNow.com
. Follow him on Twitter
@kg4gwa
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security

▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security

▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Necurs Malware Wants a Selfie With Your Desktop