Screensaver spam is new malware from old gang: Sunbelt

By

A new wave of "3D screensaver" spam is directing recipients to a malware site from a notorious malware gang that had ceased activity in January after their site was attack by a rival group of cybercriminals, researchers at Sunbelt reported.

Screensaver spam is new malware from old gang: Sunbelt
A new wave of “3D screensaver” spam is directing recipients to a new malware site from a notorious malware gang that had ceased activity in January after their site was attack by a rival group of cybercriminals, researchers at Sunbelt reported Monday.

According to the Sunbelt malware research team, the screensaver spam is pointing to a site put up by Loads.cc website, indicating that the gang, said to be responsible for distribution and installation of numerous spambots, keyloggers, DDoS bots, adware and rootkits, is back in business.

The group behind Loads.cc, believed to be based in Russia, shut down their original domain address in January after suffering suffered a DDoS attack from a rival malware gang utilising a Barracuda botnet, the Sunbelt team said.

After one of the infected screensavers is installed by the recipient, malware activates an HTTP GET request for a PHP script (manda.php), which may return a URL of additional malware for the bot to retrieve and install.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?