Summary - Andromeda, also known as Gamarue, is a modular botnet whose functionalities can be modified via plugins. Some of its functions include keylogging, rootkit, TeamViewer and spreader. Andromeda was spread in many different ways, such as malspam, trojan downloads and exploit kits. The primary goal of Andromeda was to distribute other malware families, in addition to stealing personal information. In November 2017, in a joint operation, international law enforcement took down the Andromeda botnet by taking control of the servers and domains used as C&Cs for the botnet.