Andromeda (trojan)
Appearance
Andromeda is a modular trojan which was first spotted in 2011. The behavior of this malware is its capability of checking whether it is being executed or debugged in a virtual environment by using anti-virtual machine techniques.[1] It downloads other malware from its control servers, often in order to steal information from infected computers. The most affected countries are India (24%), Vietnam (12%) and Iran (7%).[2]
Andromeda has been heavily linked to phishing campaigns, spam email attachments, illegal software downloads and various exploit kits as a means of distribution. Research into the malware design has revealed that it contains many similarities to the source code of zbot/zeus.[3]
References
[edit]- ^ "ANDROMEDA - Threat Encyclopedia - Trend Micro USA". www.trendmicro.com. Retrieved 2019-05-31.
- ^ "Kaspersky Threats — Andromeda". threats.kaspersky.com. Retrieved 2019-05-31.
- ^ "Andromeda Trojan - 2021 update". www.2-spyware.com. 4 January 2021. Retrieved 2021-12-10.