The Channel logo

News

By | Dan Goodin 13th March 2008 00:15

Rent-a-bot gang rises from the DDoS ashes

Beware of the 3D screensaver

A notorious malware gang that rented out botnets by the hour has resurfaced after being knocked off line two months ago by a rival band of criminals.

The Loads.cc group has been spotted by researchers at Sunbelt Software pushing toxic 3D screensavers on unsuspecting end users. The software installs malware that points to a server controlled by Loads.cc and then lies in wait for instructions from a command and control server.

"This malware gang is responsible for the distribution and installation of massive amounts of malware: Spambots, keyloggers, DDoS bots, adware and rootkits," Sunbelt's Adam Thomas writes here. "It cannot be stressed enough that this is very dangerous malware and to stay away from these Trojaned screensavers."

The gang came to prominence by renting out a botnet that fellow online criminals could use to install and maintain their malware. In October, it boasted more than 35,000 infected machines, according to this post by researcher Dancho Danchev. Prices ranged from $110 to $220 per thousand infections depending on where they were located.

The group was taken offline in January following a DDoS attack by a rival gang wielding a Barracuda botnet.

In addition to maintaining the server the 3D Screensaver trojans point to, Loads.cc also claims to be offering some sort contextual advertising consultation service, according to Danchev. ®

comment icon Read 9 comments on this article alert Send corrections

Opinion

Alexandre Mesguich

Change is order of day as tech giants shift strategy gears
Partnership

Frank Jennings

Confused? No problem, we have 5, no 6, no 7... lots of standards

Chris Mellor

VC sequence could end not with a bang, but a whimper
Sad man stares glumly over boxed contents of desk. Image via shutterstock (Baranq)

Features

money trap conceptual illustration
Big boys snare the unwary with too-good-to-be-true deals
Angus Highland cow
Pet carriers not wanted for whitebox stampede
FBcoldstoragearray
Sorry OpenStack and Open Compute, we're not all Facebook
Gary Kovacs, CEO of AVG. Pic: World Economic Forum
Scammy download sites? Government snooping? Run of the mill for Gary Kovacs