 - Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Like many botnets, Kraken is principally used to send spam. Single bots infected with Kraken malware have been recorded sending up to 500,000 spam email messages in a day.
Kraken is another variant of polymorphic malware, which constantly changes to avoid detection and removal. Kraken appears as an image file to its victims, hiding the the .exe extension from view. The actual payload of the file is encrypted. Once the file is opened, Kraken copies itself to the local machine, restarts and then deletes the original copy. The botnet created with Kraken demonstrates considerable resiliency, using built-in redundancy features to automatically generate new domain names if the botmaster's server is shut down or disabled.
To date, Damballa estimates that Kraken has infected over 400,000 machines, including those of at least 50 of the Fortune 500. Damballa also reports that the malware is undetectable by the antivirus software installed on over 80 percent of infected machines.
| LAST UPDATED: |
09 Apr 2008
|
 |
Read more about Kraken:
|
|
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
 |
 |
| |
RELATED GLOSSARY TERMS
| Terms from Whatis.com − the technology online dictionary |
 |
bot worm
(SearchSecurity.com)
A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself...
|
|
directory traversal
(SearchSecurity.com)
Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the...
|
|
|
