Definition

Kraken

Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Like many botnets, Kraken is principally used to send spam. Single bots infected with Kraken malware have been recorded sending up to 500,000 spam email messages in a day.

Kraken is another variant of polymorphic malware, which constantly changes to avoid detection and removal. Kraken appears as an image file to its victims, hiding the the .exe extension from view. The actual payload of the file is encrypted. Once the file is opened, Kraken copies itself to the local machine, restarts and then deletes the original copy. The botnet created with Kraken demonstrates considerable resiliency, using built-in redundancy features to automatically generate new domain names if the botmaster's server is shut down or disabled.

To date, Damballa estimates that Kraken has infected over 400,000 machines, including those of at least 50 of the Fortune 500. Damballa also reports that the malware is undetectable by the antivirus software installed on over 80 percent of infected machines.

This was last updated in April 2008
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: