Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Like many botnets, Kraken is principally used to send spam. Single bots infected with Kraken malware have been recorded sending up to 500,000 spam email messages in a day.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Kraken is another variant of polymorphic malware, which constantly changes to avoid detection and removal. Kraken appears as an image file to its victims, hiding the the .exe extension from view. The actual payload of the file is encrypted. Once the file is opened, Kraken copies itself to the local machine, restarts and then deletes the original copy. The botnet created with Kraken demonstrates considerable resiliency, using built-in redundancy features to automatically generate new domain names if the botmaster's server is shut down or disabled.
To date, Damballa estimates that Kraken has infected over 400,000 machines, including those of at least 50 of the Fortune 500. Damballa also reports that the malware is undetectable by the antivirus software installed on over 80 percent of infected machines.