Screensaver spam is new malware from old gang: Sunbelt

By
Follow google news

A new wave of "3D screensaver" spam is directing recipients to a malware site from a notorious malware gang that had ceased activity in January after their site was attack by a rival group of cybercriminals, researchers at Sunbelt reported.

Screensaver spam is new malware from old gang: Sunbelt
A new wave of “3D screensaver” spam is directing recipients to a new malware site from a notorious malware gang that had ceased activity in January after their site was attack by a rival group of cybercriminals, researchers at Sunbelt reported Monday.

According to the Sunbelt malware research team, the screensaver spam is pointing to a site put up by Loads.cc website, indicating that the gang, said to be responsible for distribution and installation of numerous spambots, keyloggers, DDoS bots, adware and rootkits, is back in business.

The group behind Loads.cc, believed to be based in Russia, shut down their original domain address in January after suffering suffered a DDoS attack from a rival malware gang utilising a Barracuda botnet, the Sunbelt team said.

After one of the infected screensavers is installed by the recipient, malware activates an HTTP GET request for a PHP script (manda.php), which may return a URL of additional malware for the bot to retrieve and install.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
screensaversecuritysunbelt

Sponsored Whitepapers

Make cloud predictable again
Make cloud predictable again
Cut through the SASE confusion
Cut through the SASE confusion
AI Readiness Starts Here: Build a Future-Proof, Value-Driven AI Strategy with Brennan
AI Readiness Starts Here: Build a Future-Proof, Value-Driven AI Strategy with Brennan
Build the Infrastructure for Your AI Revolution
Build the Infrastructure for Your AI Revolution
2026 Engineering Reality Report
2026 Engineering Reality Report

Events

Most Read Articles

Australia's AUKUS base to connect to subsea cables

Australia's AUKUS base to connect to subsea cables
Commercial spyware targeted Samsung Galaxy users for months

Commercial spyware targeted Samsung Galaxy users for months
Queensland gov reveals strategy to harden cyber defences

Queensland gov reveals strategy to harden cyber defences
Researcher trawls cybercrime sites, collects billions of stolen credentials

Researcher trawls cybercrime sites, collects billions of stolen credentials
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?