It has been discovered that Necurs, the Internets largest email spam botnet, has been pushing over 10 million spam emails carrying a ransomware strain known as Scarab. Scarab was first discovered in June and it is thought a new variant of the malware has been circulated. Chris Doman, Security Researcher at AlienVault commented below.
Chris Doman, Security Researcher at AlienVault:
“The Necurs bonnet has been one of the largest since it’s initial inception in 2012. It’s commonly used by very organised criminal gangs, such as those behind Dridex and Locky.
Thankfully Scarab is already well detected by most anti-virus and intrusion detection vendors.
Scarab looks less sophisticated than some other ransomware like Locky, and the usage of an e-mail based ransom payment system is very simple in contrast to it’s wide distribution.”