The Andromeda botnet has resurfaced spreading malware via spam email messages containing malicious attachments and links to compromised sites hosting Blackhole Exploit Kit (BHEK) code.
Security firm Trend Micro reported detecting a new version of the Andromeda botnet spreading a number of different types of malware on 11 March.
"The Andromeda botnet - first spotted in late 2011 - has recently resurfaced," wrote Trend Micro's Romeo Dela Cruz.
"This threat arrives via a familiar means: spammed messages with malicious attachments or links to compromised websites hosting. Andromeda itself is highly modular, and can incorporate various modules."
The new version is capable of surreptitiously installing keyloggers on infected machines, Dela Cruz added.
Access to the botnet's malware is reportedly being sold on a number of cyber black markets for as little as $300.
The new version is reportedly significantly more dangerous than its predecessors, with several additional infection, spying and anti-detection capabilities.
"One unusual aspect worth mentioning here is how Andromeda spreads via removable drives. Instead of simply dropping copies of itself, it drops component files instead," wrote Dela Cruz.
"The ultimate payload of Andromeda depends entirely on the commands given from the command-and-control (C&C) server it connects to. This means that a wide variety of threats can be seen on affected systems."
Trend Micro reported that the top countries affected by the new Andromeda are Australia, Turkey, and Germany.
The botnet's arrival follows widespread warnings that cyber criminals are developing new, more dangerous techniques.
Most recently, Ernst and Young warned that the escalation is doubly dangerous as the UK is currently suffering a cyber security skills shortage.