Rent-a-bot gang rises from the DDoS ashes
Beware of the 3D screensaver
A notorious malware gang that rented out botnets by the hour has resurfaced after being knocked off line two months ago by a rival band of criminals.
The Loads.cc group has been spotted by researchers at Sunbelt Software pushing toxic 3D screensavers on unsuspecting end users. The software installs malware that points to a server controlled by Loads.cc and then lies in wait for instructions from a command and control server.
"This malware gang is responsible for the distribution and installation of massive amounts of malware: Spambots, keyloggers, DDoS bots, adware and rootkits," Sunbelt's Adam Thomas writes here. "It cannot be stressed enough that this is very dangerous malware and to stay away from these Trojaned screensavers."
The gang came to prominence by renting out a botnet that fellow online criminals could use to install and maintain their malware. In October, it boasted more than 35,000 infected machines, according to this post by researcher Dancho Danchev. Prices ranged from $110 to $220 per thousand infections depending on where they were located.
The group was taken offline in January following a DDoS attack by a rival gang wielding a Barracuda botnet.
In addition to maintaining the server the 3D Screensaver trojans point to, Loads.cc also claims to be offering some sort contextual advertising consultation service, according to Danchev. ®