Feeds

back to article Notorious Kraken botnet rises from the ashes

The Kraken botnet, believed by many to be the single biggest zombie network until it was dismantled last year, is staging a comeback that has claimed almost 320,000 PCs, a security researcher said. Since April, this son-of-Kraken botnet has infected an estimated 318,058 machines - about half as big as the original Kraken was at …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

this is a title

So one group hires the services of another to do what they're good at. And ``researchers'' are scratching their heads over that audacious, outrageous bit of sheer commercial logic. Huh.

Also, ``subdomain'' is the proper term. HTH, HAND.

0
0
Anonymous Coward

All because the average user has no idea what they are doing.....

Sorry its not good enough to cry that tech should be available to all.

If you dont have the faintest idea, you shouldnt be allowed to surf.

We don't let drivers without a licence on our roads!

0
2

"We don't let drivers without a licence on our roads!"

but stupid irresponsible people still get cars.

so what does a licence prove?

only that you can drive safely at least once in your life.

0
0
Silver badge
FAIL

Yes and...

... commentards shouldn't be allowed to post on El Reg's forums if they don't have the faintest idea of what they're talking about either!

1
1

kraken?

ashes?

they'll be wet ashes then.

2
0

Oh no, they've discovered subdomains!

Domain owners are responsible for their subdomains.

A solution will be found when registrars threaten to kill off the whole of dyndns.org/no-ip.com etc.

0
1
Alert

dynamic DNS services

so if the Dyn dns services all start playing ball they can come down faster than using the registra? presumably they have offence reporting proceedures.

0
0
Grenade

Are you saying

that I could register anonymous.coward.microsoft.com via dynamic dns? Why the F*** would that be allowed?

0
0
Anonymous Coward

RE: Are you saying

Not that I'm aware of. If you take a gander at places like afraid.org (who offers free DNS hosting) you'll see there are many publicly available domains with which to create a subdomain with. I have had some run-ins with botnets that relied on IRC command channels using domains from that site. One variant used the subdomain "icp.chickenkiller.com" which has since been directed to 127.0.0.1 for obvious reasons. Another instance used the subdomain "irc.mouse-hole.com" which is still pointed to 69.39.227.123, an old (prior to them being raided) FOONet IP address.

That being said, it looks like at least one dynamic DNS hosting site is trying to do something to combat bot herders using their services.

1
0
This topic is closed for new posts.