World’s biggest botnet sends 12.5 MILLION emails containing Scarab Ransomware

Millions of computers are at risk of infection by a virulent spam attack that threatens to destroy your files, unless you pay a Bitcoin ransom. The Scarab malware is being distributed by Necurs, the internet’s largest email spam botnet, which has been used in a number of previous online onslaughts. Within the first six hours of the attack 12.5 million emails had been distributed, with more than two million messages being sent out per hour at its height

Security experts from anti-virus software company Forcepoint, based in Austin, Texas, were among the first to raise the alarm.  They found infected files were hidden in fake scanned documents which, according to the subject line of affected emails, were supposedly created using printers from a number of reputable firms.


Commenting on this news is Eyal Benishti- CEO and Founder or IRONSCALES:

“This is a prime example of a sophisticated, widespread and incredibly dangerous malware campaign, spread through email communication. It is crucial to implement ways in which end users’ can identify these threatening emails, before they become a threat to the entire organisation; by integrating automatic smart real time email scanning  into multi anti-virus, and sandbox solutions, forensics can be performed on any suspicious emails either detected, or reported. Ensuring there is mailbox level detection, and context based mail alerts, will allow quick reporting via an augmented email experience, thus helping the user make better decisions.

By enabling a process of automatic real-time intelligence sharing and collaboration between business’, will also ensure that event information can be shared freely, which could prevent more than one organisation being hit by the same cyber-attack, which could arise as a direct consequence from a threat such as this. If organisations act proactively, they can defend their network gateways and endpoints from increasingly frequent and sophisticated threats, such as the Scarab malware.”