World’s Largest Spam Botnet Adds DDoS Feature

Following the news that Necurs, the world’s largest spam botnet with nearly 5 million infected bots, of which one million active each day, has added a new module that can be used for launching DDoS attacks. Ben Herzberg, Security Research Group Manager at Imperva Incapsula commented below.

 Ben Herzberg, Security Research Group Manager at Imperva Incapsula:

Ben Herzberg“It is interesting that Necurs added a DDoS feature, but I wouldn’t be too alarmed.

Currently, IoT devices are easy prey for DDoS BotNets. At Imperva, we are seeing attempts to use IoT BotNets for things such as credential stuffing and other automated attacks, not just DDoS.  When you think about it – it’s common-sense as the attackers can monetize more out of the low hanging fruit, which in this case is the IoT devices which are easy to infect in large quantities.

On the other hand, using a good Desktop BotNet for DDoS attacks may not be a smart move. DDoS attacks are high profile, and that can lead to faster termination of BotNets.

Therefore, it seems likely that this is either a test module, or something to be used in a “doomsday scenario” – for example when the BotNet operators need it for a very good reason – not just as a normal ddos-for-hire campaign.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.