Andromeda (trojan)

Andromeda is a modular trojan which was first spotted in 2011. The behavior of this malware is its capability of checking whether it is being executed or debugged in a virtual environment by using anti-virtual machine techniques.^[1] It downloads other malware from its control servers, often in order to steal information from infected computers. The most affected countries are India (24%), Vietnam (12%) and Iran (7%).^[2]

Andromeda has been heavily linked to phishing campaigns, spam email attachments, illegal software downloads and various exploit kits as a means of distribution. Research into the malware design has revealed that it contains many similarities to the source code of zbot/zeus.^[3]

References[edit]

^ "ANDROMEDA - Threat Encyclopedia - Trend Micro USA". www.trendmicro.com. Retrieved 2019-05-31.
^ "Kaspersky Threats — Andromeda". threats.kaspersky.com. Retrieved 2019-05-31.
^ "Andromeda Trojan - 2021 update". www.2-spyware.com. 4 January 2021. Retrieved 2021-12-10.

This malware-related article is a stub. You can help Wikipedia by expanding it.

[1] "ANDROMEDA - Threat Encyclopedia - Trend Micro USA". www.trendmicro.com. Retrieved 2019-05-31.

[2] "Kaspersky Threats — Andromeda". threats.kaspersky.com. Retrieved 2019-05-31.

[3] "Andromeda Trojan - 2021 update". www.2-spyware.com. 4 January 2021. Retrieved 2021-12-10.

[1]

[2]

[3]