A new botnet based on the Socks protocol has been created in China and spread around the world.

Socks, or simply "The Sock Monster", is a type of botnet that has been widely used by cybercriminals for the past few years, primarily in China where it was created. It can be spread across computers through vulnerable remote access software such as Internet Explorer, making each machine part of a botnet that spreads itself and gathers information on other vulnerable machines. Andoryu is a new variation of the Socks protocol that has been active for almost three months and is part of the Poshuang family of botnets. The botnet works by targeting vulnerable servers in the network and accessing a Google Sheets file in order to install itself on the targeted server.

It's a very dangerous kind of malware because it targets all versions of Windows including Windows 10, which means that no current form of protection can be entirely effective. For this reason, it's more important than ever to eliminate all vulnerabilities on your system immediately either through operating system updates or through updating your anti-virus software.

‍

Source: Andoryu Botnet. A New Botnet Based on Socks Protocol - AlienVault - Open Threat Exchange