A massive proxy botnet is just the tip of the iceberg, a warning sign of a bigger operation in the works by the Ramnit operators, researchers say. The Black botnet campaign using Ramnit malware racked up 100,000 infections in the two months through July. Ramnit has extensive information exfiltration capabilities stemming from its heritage as a banking trojan; but it also backdoors infected machines. In this case, it sets up a path for a malware called Ngioweb, marking a new chapter for the venerable old code.
Source: https://threatpost.com/ramnit-changes-shape-with-widespread-black-botnet/134727/