Now that researchers have reverse-engineered and potentially gained control of the Kraken botnet, the question becomes what to do next.
Their ability to control the infected computers gives them the power to redirect the computers and even send them updates through the Kraken protocol to remove the zombie. Some are in favor of the idea, while others question the ethics behind removing something, even malware, from someone's computer without their consent.
http://www.theregister.co.uk/2008/04/29 ... filtrated/ <http://www.theregister.co.uk/2008/04/29/kraken_botnet_infiltrated/>
http://www.eweek.com/c/a/Security/Krake ... cs-Debate/ <http://www.eweek.com/c/a/Security/Kraken-Botnet-Infiltration-Triggers-Ethics-Debate/>
http://www.computerworld.com/action/art ... ss_topic17 <http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9081258&source=rss_topic17>
Interesting ethical/legal question. Most folks I've talked to at my organization are on the side of the potential unintended consequences are too great, not to mention potential liability issues.