Rent-a-bot gang rises from the DDoS ashes
Beware of the 3D screensaver
Posted in Software & Security, 13th March 2008 00:15 GMT
Free whitepaper – Impact of the dramatic increase in devices on the cost to support
A notorious malware gang that rented out botnets by the hour has resurfaced after being knocked off line two months ago by a rival band of criminals.
The Loads.cc group has been spotted by researchers at Sunbelt Software pushing toxic 3D screensavers on unsuspecting end users. The software installs malware that points to a server controlled by Loads.cc and then lies in wait for instructions from a command and control server.
"This malware gang is responsible for the distribution and installation of massive amounts of malware: Spambots, keyloggers, DDoS bots, adware and rootkits," Sunbelt's Adam Thomas writes here. "It cannot be stressed enough that this is very dangerous malware and to stay away from these Trojaned screensavers."
The gang came to prominence by renting out a botnet that fellow online criminals could use to install and maintain their malware. In October, it boasted more than 35,000 infected machines, according to this post by researcher Dancho Danchev. Prices ranged from $110 to $220 per thousand infections depending on where they were located.
The group was taken offline in January following a DDoS attack by a rival gang wielding a Barracuda botnet.
In addition to maintaining the server the 3D Screensaver trojans point to, Loads.cc also claims to be offering some sort contextual advertising consultation service, according to Danchev. ®
Free whitepaper – CIO strategies for the retention and deletion of email
The Total Economic Impact of Dell's PC products and services
The best practices guide for application security
Avoiding 7 common mistakes of IT security compliance
The starter PKI program

Sign up, sign up for The Register IT security newsletter
Former top Sun exec mourns end of a franchise
Win an HTC Touch Diamond2!