“Essentially what we are looking at is an artificial English word generator, which follows common English grammar rules and produces words of similar appearance to those in the English language,” said Sergei Shevchenko, senior malware researcher at PC Tools.
“It is these new techniques employed by the new Kraken variant that makes it a significant threat,” he added.
Australia and New Zealand have been infected in the last 24 hours, warned PC Tools, as well as several other countries around the world including Thailand, US, UK and Lebanon.
According to PC Tools, the bot selects from a list of 33 common English nouns, verbs, adjectives and adverb suffixes, such as -able, -dom, -hood, -ment, -ship, -ly, or –ency followed with one of the domain suffixes: dyndns.org, yi.org, mooo.com, dynserv.com, com, cc or net for example.
“The random word generator is possibly designed to evade spam filters and
algorithms that have the ability to distinguish the randomness,” Shevchenko said. "[However], if a rule or algorithm cannot be built to distinguish such a word then it cannot be detected or blocked.”
Earlier in the month the size of the Kraken bot was disputed by security vendors F-secure and Damballa after Damballa claimed the bot was twice as big as the Storm worm triggering a war of words between the two.