Q
Manage Learn to apply best practices and optimize your operations.

Scarab ransomware: How do botnets alter ransomware threats?

The use of botnets to spread Scarab ransomware intensifies the threat for enterprises. Discover the best way to respond to such a threat and protect data with Nick Lewis.

Forcepoint Security Labs observed Scarab ransomware being spread through the Necurs botnet. How do botnets like...

Necurs change the ransomware threat, and how should enterprises respond?

Botnets have become an important part of a standardized criminal infrastructure as attackers can use them for spam, phishing and distributed denial-of-service attacks. Some may even consider them a cloud hosting platform for criminals.

The different aspects of an attack that uses a botnet are often delegated or outsourced to individuals who specialize in certain areas -- from recruitment of bots to recruitment of money mules. This delegation of tasks can abstract the parts of a malware attack so that the attacker need only coordinate the different pieces versus needing the technical skills to complete them all. One active botnet that has been used to distribute ransomware is Necurs.

The Necurs botnet continues to distribute Locky and other malware, but it recently started distributing Scarab ransomware. Forcepoint noted that Scarab ransomware is similar to the Jaff ransomware, as it takes several steps to disable Windows recovery features, resulting in users being forced to pay a ransom if they want their files back.

Companies should have standard enterprise ransomware response steps, as well as standard malware protections for their email systems. Individuals and organizations should also back up their important data, as that may be the only option to recover from a ransomware attack or failed disk drive.

Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

This was last published in June 2018

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How has the use of botnets, such as the Necurs botnet, impacted you or your enterprise?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close