The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims.

The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days.