Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday January 03 2018, @01:44PM   Printer-friendly
from the That's-a-lot-of-stamps-to-lick dept.

The Necurs botnet continued to launch massive global ransomware attacks through the Holiday Season with researchers stopping as many as 47 million emails per day.

Threat actors behind the attacks continue to distribute Locky and GlobeImposter ransomware preferring to use either a malicious .vbs (visual basic script) or .js (javascript) file located inside a .7z (seven-zip archive) to pull down the ransomware payload, according to a Dec. 26 blog post.

The seven-zip archive keeps file sizes small to evade detection from basic email filters that don't scan inside archives. Between Dec. 19 and Dec. 22 AppRiver researchers spotted a large influx in attacks that at its peak, blocked a maximum sustained traffic of 5,704,052 malicious emails sent by the for-rent botnet.

[...] AppRiver researcher David Pickett hypothesizes the threat actors may have been testing or monitoring the rate of infections before realizing many of their potential targets were on vacation.

Last month, Necurs pushed out a total of 12 million malicious emails in one morning helping move it from tenth to eight place for the month's Most Wanted Malware list.

https://www.scmagazine.com/necurs-botnet-launched-massive-holiday-campaign/article/733650/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Funny) by Anonymous Coward on Wednesday January 03 2018, @01:53PM (2 children)

    by Anonymous Coward on Wednesday January 03 2018, @01:53PM (#617145)

    > with researchers stopping as many as 47 million emails per day.

    More like foot soldiers, not researchers...

    Starting Score:    0  points
    Moderation   +1  
       Funny=1, Total=1
    Extra 'Funny' Modifier   0  

    Total Score:   1  
  • (Score: 0) by Anonymous Coward on Wednesday January 03 2018, @02:05PM (1 child)

    by Anonymous Coward on Wednesday January 03 2018, @02:05PM (#617150)

    Shhhhhhh.... Title inflation works on the dumb. Don't destroy their illusion that these 'researchers' are doing something of value. We never told street-sweepers either that what they did was futile! At least, these kids can now put something on their resume and maybe, just maybe, one day get a real job.

    • (Score: 1, Interesting) by Anonymous Coward on Wednesday January 03 2018, @02:13PM

      by Anonymous Coward on Wednesday January 03 2018, @02:13PM (#617152)

      I might have received one of these spams? It claimed to be from "www.PayPall.com"
      I figured it was a new way to pay for funeral services and pall bearers...

      Or, if the perpetrator couldn't spell, maybe they meant "PayPaul" -- thus robbing Peter?