The Andromeda botnet still lingers as nations struggle to clean infected PCs

A recent threat landscape report published by Fortinet suggests that although the FBI and European law enforcement ended the Andromeda botnet’s reign in late 2017, there are still systems infected with the malware. The firm indicates that the process of cleaning up the infected PCs isn’t progressing at the same pace across regions, as it’s still a large problem in Africa, Asia, and the Middle East.

At its core, Andromeda — or rather Gamarue — is a platform to deliver a galaxy of malware variants (actually just a mere 80) including ransomware, banking trojans, spam bots, click-fraud malware and more. Between June 2017 and its supposed demise before the start of 2018, Andromeda was on a roll, as it was detected and blocked on more than 1 million machines each month on average.

According to Microsoft, the Andromeda command and control structure spanned 1,214 domains and IP addresses. It also comprised 464 “distinct” botnets as well as the 80-plus associated malware families. Andromeda was sold on the black market as a “crime kit” that included a bot builder, a command-and-control application, and documentation on how to create a botnet.

What made Andromeda an extremely attractive sell was its modular nature. The kit came with two plug-ins, one of which could turn a PC into a proxy server. For an additional $150, hackers could purchase the keylogger plug-in or grab the Formgetter plug-in for another $250, which captured data submitted through web browsers.

Hackers spread Andromeda through various methods such as social media messages with malicious links, spam email with similar links, trojan downloaders and more. Once it infected a machine, Andromeda contacted a command and control server to become part of a larger network of infected PCs. Once that happened, hackers could do anything with the seized army of machines.

But as the report indicates, getting rid of Andromeda is no simple feat. In Africa alone, Andromeda has the highest prevalence with 25.6 percent followed by the H-worm at 13.8 percent and Ramnit at 10.07 percent. Andromeda tops the charts in Asia followed by Ramnit (9.83 percent) and the H-worm (7.4 percent).

The report suggests that the problem with these high percentages is likely tied to the response and remediation capabilities of these countries.

Outside of noting the slow progression of cleaning up the Andromeda debris, the report tips its hat to VPNFilter, a Russian-developed nation-state-sponsored attack that targets networking routers. The FBI previously distributed a warning to U.S. citizens, calling on Americans to reboot their routers to cut off possible ties to the malware’s command and control servers.

The report also calls the Smominru botnet, a Monero mining malware targeting Windows-based PCs, a “notable addition.” It was spread through the EternalBlue exploit, and as a botnet mined around 24 XMR each day. As of this publication, the value of a single XMR was $81, meaning the hackers were generating around $1,944 per day.

Other botnets that are permanent fixtures on the firm’s Threat Landscape Report each month include Gh0st, Pushdo, Necurs, and three others.

