I was just reading an article on Slashdot about the Storm and Kraken botnets. The article says that Kraken is undetectable in over 80% of the machines running antivirus software. They think that the malware appears as an image to users, but with a .exe extension that is hidden.
I’m curious to know if Avast! can detect either the Storm or the Kraken malware. Do any of you know?
This whole story can now be downplayed considerably: http://www.sophos.com/security/blog/2008/02/1057.html
Of course there will be victims, but the whole story was hyped for PR purposes by securityfirm Damballa.
Just like with MayDay this story has been blown up out of proportions as Sophos and other AV-vendors detect this:
Bobax
Estimated # of bots: 185,000
Alternate names: Bobic, Oderoor, Cotmonger, Hacktool.Spammer, Kraken
SMTP engine: Template-based
Total botnet spam-sending capacity: 9 billion spams/day
Control: encrypted, TCP port 447
Rootkit-enabled: No
Identifying strings: cCdipsuxX%, w:\projects\b3\release\core.pdb
Notes: Despite reports of its demise, Bobax continues to be a strong player in the spam arena. At one time, Bobax was solidly in the business of sending mortgage spam, but lately has been seen mailing low-interest loan spam.