Large Botnet Comes Back To Life — With More Malware
A botnet associated with the huge volumes of Dridex and Locky-laden emails in recent months has resumed operations after mysteriously going dark for three weeks.
Researchers from multiple firms report seeing a sharp increase in malicious traffic originating from the Necurs botnet, after a significant drop-off beginning May 31.
AppRiver security analyst Jonathan French spotted the botnet back in action on June 21 in the form of a massive Locky email campaign. From an average of between three million- to 10 million emails with malicious attachments per day since the beginning of June, the number suddenly shot up to 80 million malicious emails on June 21, and 160 million on June 22, French said.