AppRiver Blog

Necurs Botnet Launching Massive Ransomware Attacks

****Update: 12/29/2017 9 A.M.****

Necurs botnet operators continue to show unpredictability. Following the afternoon blog update yesterday they turned up the volume.  It ended up being our highest volume day of the year originating from the massive botnet.  We blocked 49,784,485 million ransomware messages destined to...

Read More

Hancitor Picking Up Steam

The Hancitor (aka Chanitor & TorDal) malicious downloader has been picking up steam.

Read More

Necurs Returning After a Short Vacation

Virus traffic has been huge so far in 2016. Mostly, this has been thanks to ransomware, and in particular, Locky distributed by the Necurs botnet. We've been seeing malware traffic counts in the tens of millions daily here for sometime now. This, of course, has its ups and downs, but for the past three weeks it's been...

Read More

Fake delivery emails lead to malware

We have been seeing an ongoing malware campaign claiming to be package delivery emails from places like Walmart, BestBuy, and Costco. The emails say a delivery was missed and contain a link to a form to fill out. The link actually leads to an external compromised site containing a malware zip download. The downloaded zip...

Read More