Kraken bot cracked open to reveal source code

Security vendor PC Tools has published the source code and mathematical algorithm used in the domain name generation technique applied by the latest Kraken bot variant, Bobax. Analysis by researchers at PC Tools has uncovered how Bobax talks to control centres via HTTP using pseudo-random DNS names with a variable seven to twelve character length followed by a number of default suffixes in order to evade host intrusion prevention systems. Of course, commands and data will be encrypted for transmission but there are also randomly generated faked headers employed in a further attempt to stay well below the security scanner radar.