McAfee released its Q4 Labs Threats Report for Q4 2017. The report includes botnet campaign details regarding the Necurs and Gamut botnets, as well as Dridex banking Trojan and ransomware payloads from GlobeImposter, Locky and Scarab.
An excerpt from the McAfee report:
“In Q4 2017 we found that the Necurs and Gamut botnets comprised 97% of spam botnet traffic. (See the McAfee Labs Threats Report, March 2018.) Necurs (at 60%) is currently the world’s largest spam botnet. The infected computers operate in a peer-to-peer model, with limited communication between the nodes and the control servers. Cybercriminals can rent access to the botnet to spread their own malicious campaigns.
McAfee also reported that the count of new malware in Q4 reached an all-time high of 63.4 million new samples. There was also a big increase in cryptocurrency hijacking, which coincided with an increased market popularity in digital currencies.