Security researchers have detected a massive spam campaign, delivering Scarab crypto-malware into email inboxes all over the world. Necurs botnet plays a huge part in the transmission of this infection as it as already managed to send around 2 million malicious emails per hour.
This means that the number of targeted people/victims increases drastically. Necurs had been noticed to be involved with a number of other crypto-viruses, like, Locky, Diablo6, Globe Imposter and others. Now, it has taken Scarab ransomware under its wing.
Necurs botnet began its email campaign on 23rd of November and in only six hours, it managed to send 12.5 million letters. Fake messages had subjects of “Scanned From [name of a company]”. Therefore, emails can differ for individual victims and the campaign could still be ongoing.
Messages will attempt to convince people that attachments will deliver only scanned images. However, email letters spread 7zip archives that also carried Visual Basic Scripts. The malicious codes will download and run the actual Scarab ransomware. Soon enough, many of the victims’ digital files become encoded.
What is Scarab crypto-virus? Scarab infection is a persistent sample of ransomware. It was first detected in the summer of 2017, but researchers did not detect its activity until the end of November. In the deceitful email messages that are sent by Necurs botnet, victims are recommended to download a specific .zip file. What users do not realize is that once this file is launched, operating system will become infected with a payload of Scarab ransomware.
The crypto-malware appends an original extension to the encrypted digital data: [email@example.com].scarab. If victims would wish to contact hackers, they can do this by sending messages to firstname.lastname@example.org email address.
Read more here: www.2-viruses.com/necurs-botnet-sent-12-5-million-email-letters-containing-scarab-ransomware