Malware Creators Make Plans to Aggressively Update Spam-Flooding Andromeda Botnet

Posted: August 3, 2013

Security experts from Trend Micro have revealed the re-emergence of the Andromeda Botnet, once responsible for flooding systems with spam messages carrying malicious attachments and links hosting the BlackHole Exploit Kit. Now it appears the Andromeda Botnet is receiving a makeover to ramp up its efforts to attack computers on a new scale.

From the looks of chatter on Russian hacker forums, the author and creators of the Andromeda Botnet are in the process of releasing an update that fixes previous bugs, making it more powerful and more stable than competing botnets. In a way, the chatter about Andromeda Botnet getting an update sounds much like that around legitimate software on the market, such as Windows receiving an update.

The update to the Andromeda botnet is aptly called a 'global modernization' on the Russian forums, which pays homage to its worldwide reach at the time it re-emerged back in March of this year. The pie chart below in Figure 1 shows just how widespread Andromeda was when it popped back up on the radar months ago, with Australia (blue) and Turkey (red) as its main targets.

Figure 1 - Andromeda Botnet top targeted countries in March 2013 - Source: Trend Micro

It has been understood that the main module, as well as the plugin components of Andromeda, will be receiving an overhaul. If you follow how botnets operate, you will understand that many components must all come together for a botnet to carry out its malicious duties. That means the control server dishing out new instructions to compromised systems must be updated to talk to an equally updated module residing on the infected computer. Basically, both ends must be on the same playbook or the game will be over before it has started.

Crafty hackers are always working to keep a clear path to their main objective. Sometimes keeping the path clear requires some housekeeping in the form of updating their malware creations. The Andromeda botnet has been placed on the radar screens of security researchers, as we expect to see a change in the amount of spam circulated in the top targeted regions of the world shown in Figure 1 above.