Channel Register®

Original URL: http://www.channelregister.co.uk/2008/03/13/loadscc_rises_again/

Rent-a-bot gang rises from the DDoS ashes

Beware of the 3D screensaver

By Dan Goodin in San Francisco

Posted in Software & Security, 13th March 2008 00:15 GMT


A notorious malware gang that rented out botnets by the hour has resurfaced after being knocked offline two months ago by a rival band of criminals.

The Loads.cc group has been spotted by researchers at Sunbelt Software pushing toxic 3D screensavers on unsuspecting end users. The software installs malware that points to a server controlled by Loads.cc and then lies in wait for instructions from a command and control server.

"This malware gang is responsible for the distribution and installation of massive amounts of malware: Spambots, keyloggers, DDoS bots, adware and rootkits," Sunbelt's Adam Thomas writes here (http://sunbeltblog.blogspot.com/2008/03/dangerous-loadscc-malware-gang-re.html). "It cannot be stressed enough that this is very dangerous malware and to stay away from these Trojaned screensavers."

The gang came to prominence by renting out a botnet that fellow online criminals could use to install and maintain their malware. In October, it boasted more than 35,000 infected machines, according to this post (http://ddanchev.blogspot.com/2007/10/botnet-on-demand-service.html) by researcher Dancho Danchev. Prices ranged from $110 to $220 per thousand infections depending on where they were located.

The group was taken offline in January following a DDoS attack by a rival gang wielding a Barracuda botnet.

In addition to maintaining the server the 3D Screensaver trojans point to, Loads.cc also claims to be offering some sort of contextual advertising consultation service, according to Danchev. ®