Researchers have uncovered over a dozen servers, unusually registered in the United States, which are hosting ten different malware families spread through phishing campaigns potentially tied to the Necurs botnet.
On Thursday, researchers from Bromium said they have monitored scams connected to this infrastructure during the May 2018 to March 2019 time period.
Five families of banking Trojans — Dridex, Gootkit, IcedID, Nymaim, and Trickbot — two ransomware variants, Gandcrab and Hermes, as well as three information stealers, Fareit, Neutrino, and Azorult, were all found on the servers.
Source: ZDNet
