Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios Pro Rata

Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Austin news?

Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Atlanta news?

Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Philadelphia news?

Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Chicago news?

Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top DC news?

Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Image: iStock via Getty Images

The vaunted Necurs botnet — a network of millions of hacked computers that do the bidding of criminals — suddenly shifted its focus this morning: Normally it sends consumers spam email pushing pharmaceuticals and penny stocks, but now it's conducting a more targeted phishing campaign to hack into bank networks, according to new research by Cofense.

Why it matters: Necurs is one of the largest spamming operations in the world, representing 60% of spam sent from botnets. That's a large operation to pivot — and almost certainly not one to change focus without some major goal in mind.

What happened? Cofense infects its own computers with botnet malware to keep tabs on what the botnets are doing. "Until yesterday, we were seeing subjects like '67% off pills.' This morning at 7 am, it entirely changed to subjects like 'Payment advice,' said Aaron Higbee, chief technology officer at Cofense.

  • Necurs had been sending emails to any address it could get its hands on. Now the emails were targeted to specific employees of 2700 different banks.
  • Cofense checked the LinkedIn pages of some of the would be victims that its computers received commands to target, and found that the emails appeared to be based on current rosters of bank employees.
  • The phishing emails contained a Microsoft Publisher file laced with malicious code using a technique known as a macro. Usually, macros are used with Excel and Word files. "In all our time doing this, we've never seen a '.pub' [publisher] file used this way before," Higbee said.
  • The .pub file installs remote access software known as "FlawedAmmyy" that would give hackers a foothold on bank networks.

The background: Last week, the FBI warned banks that a criminal group was planning to commit widespread ATM fraud this week, and to be on the lookout for hackers trying to manipulate bank accounts.

  • Cofense could not find a connection among the targeted banks based on size or location.

Necurs has existed since at least 2012. It is primarily known for spam, but has been used for other types of malware before, too — most famously with the "Dridex" program that stole users' bank-account credentials.

Go deeper

Progressives to file resolution to strip Boebert's committee seats

Rep. Lauren Boebert walking through the Senate side of the U.S. Capitol earlier this month. Photo: Drew Angerer/Getty Images

House progressives are planning to introduce a resolution on Wednesday to strip Rep. Lauren Boebert (R-Colo.) of her committee assignments, according to a Democratic aide familiar with the matter.

Why it matters: The move, which was first reported by the Washington Post, comes as progressives — anxious to see the right-wing firebrand face retribution for her recent comments — have grown frustrated by Democratic leadership's inaction on the issue.

Roger Stone won't cooperate with Jan. 6 panel

Longtime Trump confidante Roger Stone speaking in front of the Supreme Court on Jan. 5 in Washington, D.C. Photo: Tasos Katopodis/Getty Images

Longtime Trump confidante Roger Stone won't cooperate with the House select committee investigating the Jan. 6 Capitol riot and will invoke the Fifth Amendment right not to testify, his attorney said Tuesday evening.

Why it matters: The announcement, first reported by ABC News, came hours after former White House chief of staff Mark Meadows said he wouldn't cooperate with the probe.

Updated 3 hours ago - Politics & Policy

Congressional leaders clinch support for crucial defense bill, debt limit votes

Senate Majority Leader Chuck Schumer passes waiting reporters on Tuesday. Photo: Eric Lee/Bloomberg via Getty Images

Congress has found a shortcut to pass its annual defense funding bill and raise the debt limit.

Driving the news: The House voted Tuesday night on two major bills — one creating a one-time, fast-track process for the Senate to raise the debt ceiling with just 51 votes, and another passing its annual defense bill.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!