Dismantled Andromeda botnet will ‘slowly disappear’ over time, says ESET researcher

What remains of the Andromeda botnet that was largely dismantled in a November 2017 global law enforcement operation will probably "slowly disappear" as remediation continues into 2018, predicted one cybersecurity company that assisted in the investigation.

In a Jan. 4 company blog post, ESET Senior Malware Researcher Jean-Ian Boutin offered key insights into the global crackdown on Andromeda, aka Wauchos and Gamarue, which resulted in the sinkholing of 1,500 malicious domains, the arrest of a suspect in Belarus, and the identification and capture of roughly 2 million unique victim IP addresses in 223 countries.

Boutin's outlook on the botnet was relatively optimistic: "For this type of long-lived botnet, it is very hard to clean all the systems that have been compromised by Wauchos," he explained, "but as long as the good guys are in control of the C&C servers, at least no new harm can be done to those compromised PCs."

ESET began assisting Europol, the FBI, and other global authorities back in 2015, providing technical support by analyzing malware and pinpointing botnet command-and-control servers. "As this threat was sold in underground forums, it was important to make sure that all Wauchos C&C servers were identified and taken down simultaneously. We helped with this effort through our botnet tracker system," said Boutin.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts, and video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.