Storm Worm Assembles Bots for DoS Attacks
According to security vendor SecureWorks, the Storm Worm attacks during 2005-2007 has apparently 'prolonged online blockade' with the threat being ten times more than an e-mail attack of any other type. It has amassed nearly 2 Million PCs to build a botnet that experts fear would launch DDoS (Distributed Denial-of-Service) attacks.
However, there have been only small DoS (Denial of Service) attacks from the botnet where its percentage use has also been small. The attacks have apparently targeted small sized organizations or IP addresses at random. A large attack on any target(s) could represent a different situation.
When a compromised PC is included in a botnet, which usually happens in the absence of the owner's knowledge, it acts as a medium to launch more attacks. Should hackers use their botnet to target an organization, they could take advantage of the set up for malicious purposes, said Adam Swidler, researcher at Postini, the software security firm. Online-casino published this in news on August 5, 2007.
SecureWorks has estimated a skyrocketing number of zombie PCs that the creators of Storm Worm have assembled in July 2007. During the period starting January 1, 2007 to the end of May 2007, about 2,815 bots were collected to launch DoS attacks. As July came to an end, these bots grew by 1.7 Million.
The enormous botnet that the Storm Worm writers are cultivating is used for purposes other than just distributing spam. The bots are built to launch DoS attacks with the anticipation of controlling users' machines. These attacks are programmed to flood each PC with uncountable questions that disables it from responding, thereby bringing the system to a halt.
Storm makes use of social engineering as the most suitable method for it to spread. Therefore, computer users must be vigilant and suspect any unsolicited e-mail that includes a link or an attachment. Even if the e-mail mentions something familiar or promises to offer some critical information or data, it is always important to verify it from the sender, said Joe Stewart, a senior security researcher at SecureWorks. Information Week published this in news on August 2, 2007.
Related article: Storm Worm Returns with Follow-Up Attack
» SPAMfighter News - 18-08-2007