The latest Global Threat Index from cyber security specialist Check Point reveals that the Necurs spam botnet — reckoned to be the largest in the world — is being used to distribute one of the latest ransomware threats.
During the Thanksgiving holiday in the US, Necurs sent over 12 million emails in just one morning, distributing the relatively new Scarab ransomware, first seen in June 2017.
“The re-emergence of the Necurs botnet highlights how malware that may seem to be fading away doesn’t always disappear or become any less of a threat,” says Maya Horowitz, threat intelligence, group manager at Check Point. “Despite Necurs being well known to the security community, hackers are still enjoying lots of success distributing malware with this highly effective infection vehicle.”
For mobile devices Triada, a modular backdoor for Android which grants superuser privileges to downloaded malware, is in number one spot. In second is Lokibot, an Android banking Trojan and information-stealer, which can also turn into a ransomware that locks the phone in case its admin privileges are removed. Third is LeakerLocker, Android ransomware that reads personal user data, and then presents it to the user and threatens to leak it online if ransom payments aren’t made.
You can find out more about the Global Threat Index on the Check Point blog.