Attackers behind the highly successful Locky and Bart ransomware campaigns have returned with a new creation: A malicious file-encrypting program called Jaff that asks victims for payments of around $3,700.

Like Locky and Bart, Jaff is distributed via malicious spam emails sent by the Necurs botnet, researchers from Malwarebytes. Necurs first appeared in 2012 and is one of the largest and longest-running botnets around today.

According to an April by researchers from IBM Security, Necurs is made up of about 6 million infected computers and is capable of sending batches of millions of emails at a time. It is also indirectly responsible for a large percentage of the world’s cybercrime because it’s the main distribution channel for some of the worst banking Trojan and ransomware programs.

Safe to say that since Jaff is being distributed by Necurs, it will hit a lot of mailboxes.