The last two months has seen a huge rise in the number of computers infected with the Storm Worm, and now part of a huge botnet.
The Storm Worm bot appears to be threatening to become a major problem.
It’s grown larger than anything similar in the last two years, and has built of botnet of around two million computers.
According to computer security company
Secureworks, the last two months has seen a massive jump in the number of zombie computers on the botnet. During the first five months of this year, they tracked 2,815 bots that launched attacks of the Storm Worm. In the last two months that figure has skyrocketed to 1.7 million.
“It's been building with exponential growth," said Joe Stewart, senior researcher for SecureWorks. “It's one of the largest botnets I've ever heard of.”
Another company,
Postini, tracked a staggering 46.2 million malicious messages, over 99% of them from Storm Worm.
First discovered on January 17 of this year, it infected thousands of computers in the U.S. and Europe two days later, using an e-mail message that said “230 dead as storms batter Europe.” There were six waves of the initial attack, so that by January 22 the Storm Worm accounted for 8% of all infections globally.
The worm arrives as an e-mail attachment. When opened, it installs the wincom32 service, and injects a payload, passing on packets to destinations encoded within the malware itself. The infected machine becomes part of a botnet. However, it’s not controled centrally – the Storm Worm botnet is more like a peer-to-peer network with no central hub, making it harder to take down.
The bots are set up to launch denial of service attacks, which scares researchers, since that many computers turned on a single organization could be catastrophic.
RSS Feed
Be the first to comment on the article!