Thursday 1 August 2013

Businesses warned to prepare for evolved Andromeda botnet

The authors of the Andromeda botnet are on the verge of releasing a radically updated, more dangerous version of the tool, according to Trend Micro researchers.
Trend Micro reported uncovering an advert announcing the upgrade on an unnamed cyber black market, warning businesses to be extra vigilant. "The Andromeda botnet is still active in the wild and not yet dead. In fact, it's about to undergo a major update real soon," read the blog post.
"Just recently, however, we've uncovered that there is an ongoing development in the Andromeda botnet. This latest announcement was posted just recently and basically says that Andromeda code is going to be updated heavily. They suspended the sales of plugins to focus more on developing the new version."
In the post, the authors promised that the upgraded version will include several enhanced features. "The project is undergoing a global modernisation. In the near future there will be a few important but not visible changes," read the hacker's advert, translated from Russian. "We will update the admin principal. All plugins will undergo fundamental changes both in format and structure."
The changes will reportedly fix a number of bugs in the hack tool and make it quicker and easier for criminals to use. Trend Micro reported the criminals behind Andromeda also announced a sale on other tools. "Rootkit and Socks5, which are popular plugins, are also now free of charge. Previously, the rootkit was sold $300 and $1,000 for Socks5 with BackConnect," read Trend's statement.
The new version's exact release date remains unknown. The Andromeda botnet has been an ongoing problem facing businesses since first appearing in 2011. The current version of Andromeda was discovered in March.
