GamaPoS: The Andromeda Botnet Connection
released on 2015-07-17 @ 01:28:14 AM
The Andromeda botnet is a well-known botnet that surfaced around 2011 and has
delivered well-known backdoor variants like Gamarue. In past revivals, the botnet has
been distributed through malicious emails containing attachments or links to
compromised websites hosting exploit kit content. What makes this botnet successful
is its highly configurable and modular design that can fit any malicious intent, like
distributing Zeus or, more recently, distributing a Lethic bot.

Earlier this year, the Andromeda botnet was seen using macro-based malware, which
is yet again an old trick. What makes this interesting is how the dated botnet and
macro malware trick are used together. Indeed, the past few months seem to be quite
busy for the Andromeda botnet and its recent activity indicates intent in
the United States.