Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Botnet Dwarfs Storm

Posted by CmdrTaco on from the that's-a-lotta-zombies dept.

ancientribe writes "Storm is no longer the world's largest botnet: Researchers at Damballa have discovered Kraken, a botnet of 400,000 zombies — twice the size of Storm. But even more disturbing is that it has infected machines at 50 of the Fortune 500, and is undetectable in over 80 percent of machines running antivirus software. Kraken appears to be evading detection by a combination of clever obfuscation techniques that hinder its detection and analysis by researchers."

15 of 607 comments (clear)

  1. Designate Windows OS as Terrorist Tool by weyesone · · Score: 5, Funny

    Forbid Windows OSs from running in the USA because it's a defacto tool for terrorism.

  2. I am not trying to obnoxious. by AndGodSed · · Score: 5, Insightful

    How many of those zombies are Linux platforms?

    --

    Seven Days with Ubuntu Unity

    1. Re:I am not trying to obnoxious. by Anonymous Coward · · Score: 5, Funny

      I've tried to run several exploits under WINE, only to have them crash.

      The WINE developers really need to work on the compatibility... :P

  3. Detection? by Brit_in_the_USA · · Score: 5, Insightful

    With an "80%" miss rate by AV tools, It would be very helpful to know what software anti-virus programs do detect Storm and Kraken? So that responsible users can check their PC's.

  4. Re:How does it get in? Duh! by ceoyoyo · · Score: 5, Funny

    They should just ban that .exe image file format. It's nothing but trouble. It doesn't even always reproduce the image!

  5. Aggravating... by MachineShedFred · · Score: 5, Insightful

    Does anyone else find it absolutely aggravating that these stories

    1. Never tell you how you know if you're infected, and
    2. Never tell you how to clean up your shit if you are.

    However, they always give massively generalized statistics on how vulnerable you are!

    Thanks, asshats.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  6. Re:Scary by Pojut · · Score: 5, Interesting

    Dispose of Windows, install a more secure OS, and take the time to learn to properly use your new OS


    Or you could just learn how to properly secure XP and not go clicking all willy-nilly on every email you receive.

    With a combination of three free programs and a bit of common sense, I haven't gotten a single virus or bit of spyware on my XP box in literally years. ZoneAlarm, AVG, and Spybot make a fantastic defense.
    --
    Living With a Nerd
  7. Re:Designate Windows OS as Terrorist Tool by Arancaytar · · Score: 5, Interesting

    Last I heard, they were arguing the exact opposite - non-Windows systems are too hard for the government to break into.

    And who knows, perhaps Kraken is sending your data to HLS on the side? If I made a government spy virus, I'd disguise it as a spambot too... the signal is lost in the noise.

    This, needless to say, could also explain the surprisingly low discovery rate on standard AV tools.

    [/tinfoil hat]

  8. Re:Scary by Kugrian · · Score: 5, Funny

    With a combination of three free programs and a bit of common sense, I haven't gotten a single virus or bit of spyware on my XP box in literally years. ZoneAlarm, AVG, and Spybot make a fantastic defense.

    ..and is undetectable in over 80 percent of machines running antivirus software.
  9. Re:Or Unix or Mac ... by Lumpy · · Score: 5, Interesting

    yes actually.

    Viriuses and bots are Incredibly easy to get installed and infected on a PC. It's brain dead easy.

    It's far harder to get a linux or OSX or BSD infection going as you trigger the "you are trying to install "XXXX" enter your admin information to allow this to install for applications that are going to get it's hooks in the system. all other applications ca reside in a location that is safer and installable by the user only. and YES you can do this in linux, a user can download compile and run or even install an app to the user directory and use it just fine.

    all OSX users I know dont simply click yes to everything because the software makers have 1/2 a brain for those platforms. windows apps all think they need to shove crap all over the pc. and therefore pc users are usedto having even a fricking mp3 playing app shoving thing in the windows system directory, changing the registry, etc...

    stop that stupid behavior (return to farking ini files in the app directory instead of the incredibly stupid registry) and stop installing 65,000 random dll's in the system directories.

    --
    Do not look at laser with remaining good eye.
  10. Re:Or Unix or Mac ... by shrykk · · Score: 5, Insightful

    Do you honestly think that if Windows were to vanish off the face of the earth tomorrow all these virus authors and botnet operators would suddenly throw their hands up and say "oh well, guess we'll have to find something else to do?"

    Well done, you've managed to switch the argument from the factual to the hypothetical.

    This is the standard debate tactic in this situation. Get everyone tangled in debating the possibility of potential but non-existant Mac and Linux malware, judging its likelihood against factual and vastly damaging Windows viruses, worms and botnets.

    Just acquit Microsoft of all culpability for poor and short-sighted decisions, incurring costs in the billions, for millions of users, by saying, "eh, it was inevitable."

    --
    #define struct union /* Reduce memory usage */
  11. Re:Designate Windows OS as Terrorist Tool by Trigun · · Score: 5, Funny

    FTA: "The primary C&C servers are hosted in France, Russia, and the U.S., according to Damballa."

    The new Axis of Evil?

  12. Re:Designate Windows OS as Terrorist Tool by jandrese · · Score: 5, Insightful

    I find it easier to believe that that antivirus tools just suck.

    --

    I read the internet for the articles.
  13. Re:Designate Windows OS as Terrorist Tool by Anonymous Coward · · Score: 5, Interesting

    Well, at least you have an opinion. It's really the mark of users that plain suck. Give all those same users who click on everything and anything that sounds vaguely interesting a nice, shiny new Ubuntu machine - ALL of the users mind you - so replace most people's Windows machines. See how long it takes those same people to be rooted. Now what will you complain about? Their sucky OS? Or their lack of ability to treat their computing resources as carefully as they SHOULD be treating their government ID's such as SSN's in the US and bank info, etc.? It's the users - not the OS.

  14. Re:Designate Windows OS as Terrorist Tool by BattleApple · · Score: 5, Funny

    But more complex instructions like "save this to your filesystem, then open a terminal window and type 'chmod +x free_porn.sh', and then double-click it for free porn!" gives your victim just that little bit longer to realise that they're being conned
    Don't underestimate me.. I've performed WAY more complex operations than that in order to obtain free porn.