TippingPoint, a company providing Intrusion Prevention Systems, has published a post on its site detailing how its researchers successfully infiltrated the Kraken botnet and took control of over 25,000 unique bots. The Kraken botnet is arguably the world’s largest botnet, with estimates ranging up to 400,000 bots under its control.
Security researchers at TippingPoint infiltrated the botnet after reverse engineering a sample of the malware, and successfully took control of 25,000 unique bots within 7 days. This raised a question: was it ethical to disable the malware on these systems now that the researchers had control of them? It is an interesting question. Running code on a remote system to disable the malware can be seen as doing good; however, because the code is unauthorised and the researchers would be controlling a system without the owner's consent, they would be in the same legal situation as the malware writers. In the end they decided to leave the systems alone.
From the WindowsIT Pro Security Update.


