Andromeda Bot-Herders about to Launch New Version
Investigators from security company Trend Micro report that the developers of the Andromeda bot may soon update their malware, and that the update could be a major one.
The bot was first uncovered in 2011, and its network of hijacked PCs has lately become prominent following the most recent alterations made to the threat.
Earlier, the Andromeda update project had nearly been stopped; however, a successor to the botnet's creator could be found, although Andromeda's creator did not formally retire. In an earlier post, he had stated that if nobody came forward to buy the program, he would discontinue the service.
Recently, though, Trend Micro's investigators revealed that the Andromeda botnet was undergoing an ongoing evolution. The revelation chiefly indicated that the Andromeda software was about to receive a substantial upgrade. The botnet's developers withdrew the plug-ins from sale so that they could concentrate on enhancing the new variant.
In an advert written in Russian, they stated that the project was undergoing a worldwide renovation. Before long, there would be some vital though essentially invisible alterations. The administrative basics would be updated. All plug-ins would undergo fundamental alterations in both structure and format.
The alterations would reportedly patch several vulnerabilities in the hacking program and make it faster and simpler for miscreants to use. According to Trend Micro, the Andromeda perpetrators also announced that their other tools were available for sale.
The security company stated that the most sought-after plug-ins, Socks5 and Rootkit, were now freely available. Earlier, their prices had been set at $1,000 and $300 respectively, with BackConnect for Socks5, it posted. V3.co.uk published this on August 1, 2013.
It was not known exactly when the new variant would be launched. The present Andromeda variant was 2.60, and its chief areas of use had been Germany, Turkey and Australia. BKDR_ANDROM.DA was the malware powering the 2.60 edition, and it was spread through spam emails containing web links or attachments that led to sites harboring the BlackHole attack toolkit, as Trend Micro had outlined earlier, in March 2013.
» SPAMfighter News - 12-08-2013