
Wauchos Botnet

By GoldSparrow in Botnets

The Wauchos Botnet, also known as Andromeda and Gamarue, has been challenging security experts for some years. The Wauchos Botnet code has been available for purchase on the black market since 2011, and numerous criminals have bought, updated and used it since then. The main targets of the Wauchos Botnet are computer users located in South America and South-East Asia, and it has been spread via portable media, social media, instant messaging, drive-by downloads and corrupted spam email attachments. Criminals use the Wauchos Botnet's form grabber plugin to collect login credentials, and the botnet can allow the installation of other threats on the targeted system. The Wauchos Botnet encrypts its data traffic using an RC4 key bundled with its binary. It can also render User Account Control, the Windows Firewall and Windows Update useless.

If you notice that you are not receiving the regular updates issued by Windows, or that your security scanner is not working properly, the culprit may be the Wauchos Botnet. Fortunately, it appears that the Wauchos Botnet is at least targeted by several anti-malware services, and its deactivation may be near. Until that happens, keep your anti-malware program running and follow the recommendations of security experts about safe browsing.
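
The check below is an added example, not part of the original article: a PowerShell function (the name Get-DefenseStatus is hypothetical) that reports whether User Account Control, the Windows Firewall and Windows Update are still enabled on a machine. It assumes Windows PowerShell 5.1 or later and tests general component state only, not Wauchos-specific indicators, which the article does not list.

```powershell
# Added example: reports the state of the three Windows defenses named in the article.
# Get-DefenseStatus is a hypothetical helper name; it checks component health only.
function Get-DefenseStatus {
    $results = @()

    # UAC: EnableLUA = 1 means User Account Control is switched on.
    $uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $lua = (Get-ItemProperty -Path $uacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
    $results += [pscustomobject]@{
        Component = 'User Account Control'
        Healthy   = ($lua -eq 1)
        Detail    = "EnableLUA=$lua"
    }

    # Windows Firewall: each profile (Domain, Private, Public) should be enabled.
    try {
        foreach ($p in Get-NetFirewallProfile -ErrorAction Stop) {
            $results += [pscustomobject]@{
                Component = "Windows Firewall ($($p.Name) profile)"
                Healthy   = ("$($p.Enabled)" -eq 'True')
                Detail    = "Enabled=$($p.Enabled)"
            }
        }
    } catch {
        # The cmdlet fails when the firewall service itself is stopped or broken.
        $results += [pscustomobject]@{
            Component = 'Windows Firewall (profiles)'
            Healthy   = $false
            Detail    = "Query failed: $($_.Exception.Message)"
        }
    }

    # Services: mpssvc (firewall) must be running; wuauserv (Windows Update) is
    # demand-started, so only a Disabled start type counts as unhealthy.
    foreach ($name in 'mpssvc', 'wuauserv') {
        $s = Get-Service -Name $name -ErrorAction SilentlyContinue
        $healthy = $null -ne $s -and $s.StartType -ne 'Disabled'
        if ($name -eq 'mpssvc') { $healthy = $healthy -and $s.Status -eq 'Running' }
        $detail = if ($s) { "Status=$($s.Status), StartType=$($s.StartType)" } else { 'service not found' }
        $results += [pscustomobject]@{
            Component = "Service $name"
            Healthy   = [bool]$healthy
            Detail    = $detail
        }
    }
    return $results
}

Get-DefenseStatus | Format-Table -AutoSize
```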

