Researchers infiltrate Kraken botnet, could clean it out

But they won't disinfect remotely, citing 'pretty big can of worms' as reason

But Endler had the last word. In a comment attached to Amini's initial blog post, Endler put it plain. "Cleansing the systems would probably help 99 per cent of the infected user base, it's just the 1 per cent of corner cases that scares me from a corporate liability standpoint," he said.

"That's the other side," Pierce said. "It's not our property, and it's not up to us" to disinfect bot-infected machines. When asked who it was up to, he answered quickly: "I don't know. I wouldn't know the answer to that."

Corporate liability is the stumbling block, he agreed. "I think most people have the same opinion [as Amini and I do]," he said. 'You have to reduce the number of bots out there, whether that's infiltration or by the operating system or at the ISP. Something needs to be done.

"But corporate liability, everybody agrees on that. Cleaning the bots would be opening up a pretty large can of worms."

Most of the TippingPoint blog readers who logged comments took Pierce's side. "Clean them. If you don't, a rival bot net owner will," said one anonymous user.

Others, however, agreed with Endler. "You not only face a moral dilemma, but updating a computer without authorization is illegal in the US," said a user identified as Roan. "I fall on the side of pro-active patching, but there is more than just the moral decision to decide upon before taking action."

In the US, the Computer Fraud and Abuse Act prohibits unauthorized access to others' PCs; also, state anti-spyware laws have been regularly used to prosecute people who have accessed machines without permission.

Pierce has posted a video (Flash file) of the fake Kraken server connecting with, then cleaning, an in-the-lab system infected with the bot.

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?