Leading up to the New Year, my in-laws repeatedly had questions about emails they were receiving - asking them to pay, click, approve or open something.
Now I'm wondering how many were ransomware attempts from a single botnet. The Necurs Botnet, to be specific.
Security firm AppRiver tracked 47 million Necurs generated emails in a single day, on December 28, 2017.
These are hourly rates above-do you see the peak hour? 6,573,288 emails that the company say botnet operators were all attempting a ransomware infection.
"These messages continue to distribute the Locky and GlobeImposter ransomware. Lately the distributors have preferred to use either a malicious .vbs (visual basic script) or .js (javascript) file located inside a .7z (seven-zip archive) to pull down the ransomware payload. The .7z archive helps keep the file sizes small and evade detection for basic email filters that do not scan inside archives."
AppRiver says the Necurs Botnet took several months off in 2017, then ended the year with a December 19-December 28 email barrage.
Fortunately, my in-laws did not take the bait. Hopefully no one at your office did, either.
