New Kraken worm evading harpoons of antivirus programs
Researchers at Damballa Solutions have uncovered evidence of a powerful new botnet they've nicknamed Kraken. The company estimates that Kraken has infected 400,000 systems, which would make it twice the size of Storm during that botnet's heyday. (The final size of Storm's botnet is disputed; Damballa estimates Storm infected up to 200,000 machines.)
Specific details on the newly discovered botnet are still hard to come by, but rhetoric isn't. Damballa currently predicts that Kraken will continue to infect new machines (up to 600,000 by mid-April). Compromised systems have been observed sending up to 500,000 emails a day, and 10 percent of the Fortune 500 are currently infected. The botnet appears to have multiple, redundant CnC (Command and Control) servers hosted in France, Russia, and the United States. Damballa has been in secret negotiations with the French servers, which have agreed to deactivate themselves at the first sign of a workable antivirus detection system.