Storm Worm Reappears
It’s baaack: The bot code used in the infamous, massive Storm botnet that was taken down nearly two years ago is being used to build another spamming botnet. Researchers have reverse-engineered the tweaked version of the original Storm code, which so far has spread somewhere between 10,000 to 20,000 machines. This is according to a post by DarkReading.
The article continues to state that researchers don’t know for sure whether it’s the same botnet gang that drove the original Storm and then its predecessor, Waledac — both of which are no more — but they have identified two-thirds of the same elements in this latest version as in the original Storm code version. Noticeably missing is Storm’s trademark peer-to-peer component: This version is all HTTP-based rather than the hybrid P2P/HTTP approach in the old botnet, which at one point swelled to a half-million bots. Storm began to fade away in the fall of 2008 after researchers were able to successfully disrupt its operations on more than one occasion.
Read the full article at DarkReading: Storm Worm Reappears
Leave a comment
We have recently made a significant change to our Incident Response Policy regarding Read more
Even if you haven’t ever used Facebook, your friends and family may have already let Read more
Just in time for the next round of SOC reviews, we’ve reviewed and updated our metric Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more