Simda, a threat first reported by SophosLabs back in 2011, has now morphed into an extensive family of variants. Simda accounted for 2% of the malware distributed online via so-called exploit kits. The malware has been used for a variety of value-add cybercrimes over the years. Its installed rootkits (malware-hiding malware) onto infected computers; watched out for banking transactions in order to steal login details; delivered malware for other crooks on a pay-per-install basis; and deliberately redirected web traffic away from sites like Facebook and Google Analytics.”]
Source: https://nakedsecurity.sophos.com/2015/04/15/interpol-announces-successful-takedown-of-simda-botnet/