I can understand that -- right on.
One must understand that this whole thing is a moving
target, and perhaps the reporting features are just now
maturing (now Gadi, don't make a liar out of me).
Insofar as as detection methodologies, I'll have to defer
to Gadi to elaboarate (illustrate?) them for a wide audience.
p.s. For what it's worth, I got a bit bloody last month
neutralizing a pertty large Pertibot infection in a client
network -- it was, at that point, new and undetectable by
most AV vendor ID mechanisms. Like I said, moving target, etc.