14 DAY TRIAL // Security experts from Trend Micro reveal that the Andromeda botnet, first identified in 2011, has resurfaced. The latest version of the Andromeda malware is 2.60 and it has been mainly spotted in Australia, Turkey and Germany.
The malware that powers the botnet, BKDR_ANDROM.DA, is distributed with the aid of spam messages that carry malicious attachments or links that point to websites that host the BlackHole exploit kit.
Once it infects a computer, it can perform various tasks, including keylogging, frabbing forms, installing rootkits, and downloading other malicious elements such as the notorious ZeuS Trojan.
The malware itself costs up to $500 (384 EUR). However, customers must pay an additional sum of money if they want extra modules.
Besides spam emails, the threat is also capable of spreading via removable drives.
According to experts, the malware doesn’t copy itself onto the targeted device. Instead, it drops component files in an effort to make analysis and removal more difficult.