Researchers Crack Bot Network

By Greg McNevin

May 8, 2008: Security researchers have managed to worm their way into the inner workings of the Kraken botnet and take control of zombie PCs around the world. However, instead of shutting it down, they have left it running loose due to ethical concerns.

With 400,000 PCs under its control, the Kraken is the world’s largest spam-spewing, denial-of-service capable botnet. Researchers Cody Pierce and Pedram Amini from TippingPoint Technologies' Digital Vaccine Laboratories were able to crack into it by reverse-engineering the communications and encryption techniques used by its creator, giving them the ability to take complete control of all infected PCs.

The problem is that when they announced their breakthrough, a debate erupted over the ethics of this proactive way of dealing with malware.

All infected systems can be purged of the Kraken malware – a move that would put a serious dent in the bot army that is currently out there, and one that Amini supports.

“We have the ability to successfully redirect infected systems. We have the ability to provide an 'update' through the existing Kraken protocol that can simply remove the Kraken zombie,” said Amini, according to eweek.com.

However, it is this type of proactive vigilantism that is causing the ethics debate, with prominent industry voices noting the ethical problems with altering a user’s machine without their permission. Some even claim that this could have the potential to take an infected system offline, and if that system is used for a critical real-world function, lives could be put at risk.

On the other hand, Pierce agrees with Amini and says that, as the machines are already compromised, any potential risk to life is already present.

“If you have a wild person driving on the street, putting everyone else at risk, you don't just turn the other way,” said Pierce.

Due to liability issues, TippingPoint has left the botnet be, but if this tricky ethical conundrum can be resolved, it is heartening to know that the industry has another potential tool in its arsenal to deal with the bot epidemic.
