Damballa Inc. an internet security company based in Georgia - specialized in BotArmies recently discovered a worldwide mega infection of botnets and had given it a name “Kraken“. Botnets are large networks of computers being command and controlled like a zombie. The name was probably derived from which Kraken(a legendary sea monster) is seen infecting more than 400,000 computers more than the current Storm Worm of 200,000 computers.
When Kraken first surfaced probably in Dec 07 and at that time only a few anti-virus programs was able to detect it as Bobak, a very similar spamming botnet. Kraken is intergrated with its own SMTP engine which gives it the ability to send spam e-mails. Unlike Bobak, Kraken is more stealthy because its communication is encrypted over the 447 TCP/UDP port.
According to Damballa, Kraken has infected 50 of the Fortune 500 companies and is predicted to infect 600,000 computers by mid-April. Dr. Safemode suggest that you take necessary precaution when opening suspicious e-mails(Kraken is distributed by e-mails) and have a combo of good anti-virus and firewall installed.
More Kraken reports at:
We recommend Comodo Firewall Pro 3 to protect from data theft. http://www.drsafemode.com/2008/01/29/comodo-firewall-pro-3/
Alternatively, if you would like to have a botnet checker tool, try TrendMicro RUBotted(beta).
http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted