New Scarab Ransomware Using Necurs-as-a-Service
The new Scarab ransomware being distributed via email by the Necurs botnet appears to come from scanning devices or services like HP, Epson or Lexmark. While there are similarities to the Necurs-distributed Locky ransomware, Scarab seems to have been developed by a different malware author. Necurs began actively distributing Scarab on November 23rd (Thanksgiving Day in the U.S.). Cyren's security cloud blocked 13.3 million emails containing the Scarab attachment that day.