EURid’s involvement in the Necurs botnet takedown

18 March 2020

On 10 March 2020, Microsoft and partners across 35 countries took coordinated legal and technical steps to disrupt one of the world’s most prolific botnets: Necurs, which has infected more than nine million computers globally.

EURid assisted Microsoft and partners with the disruption of the Necurs botnet through the use of its Abuse Prevention and Early Warning System (APEWS). APEWS tags potential malicious domain names during the registration process. Once tagged, these domain names are not delegated until they successfully pass a compliance and vetting process. This process effectively prevents domain names (like those used by the domain generation algorithm of the Necurs botnet) to be used for malicious and criminal purposes, while simultaneously offering cyber researchers and law enforcement the tools to identify potential victims and criminal actors.

“We continue our close collaboration with several partners and stakeholders in order to make the Internet, and the .eu space in particular, a safer place for all”, states Geo Van Langenhove, EURid Legal Manager.

More information on this action can be found here.