Storm Worm Spam Increase Bots Four-time this Season
The deluge of fake e-greeting cards sent out as spam during the holidays might have been responsible for a four-time increase in the number of computers running Microsoft's Windows to contact with the Storm worm infection, a new research indicates.
According to German Honeynet Project's researchers, the storm-created botnet - large group of compromised computers that the authors of Storm control remotely - comprised of around 5,000-10,000 systems. These estimates were as of mid December 2007. The German Honeynet Project is engaged to track the activity and size of Storm-infected PCs for many months.
Prior to Christmas Eve, the Storm started to thrust its activities again. E-mail boxes across the world began to be clogged with bogus e-greeting cards displaying holiday greetings but laced with the Storm worm. After a short period, another surge of fake greeting cards heralding the New Year was spammed out with the worm loaded.
These spam mails contained various kinds of wishes for Christmas and New Year. The infected e-mails are pushed out for the Storm botnet to grow in size. The bot herders try to trick innocent users with their social engineering tactics hoping that they would respond by clicking the link embedded in such e-mails. As soon as the users do so, they are led to a tricky website that includes a link pointing to the real Storm binary. The new site also contains exploits for compromising browsers, which help to hack a visitor's browser so that the Storm binary could be installed.
Apparently, this campaign largely exploded the Storm authored botnet, which currently has nearly 40,000 bot-infected PCs, said Founder of the Honeynet Project, Thorsten Holz. Washingtonpost reported this on January 4, 2008.
In 2007, the Storm worm Trojan had garnered extensive review by the media. The Trojan attack uses e-mail system to distribute swarms of infected messages to targeted recipients to help build and strengthen the Trojan creators' botnet. While stealing account details and identity theft remain the primary objectives of most hackers, a new report of the US Federal Trade Commission suggests that there has been a drop in losses from identity fraud.
Related article: Storm Worm Returns with Follow-Up Attack
» SPAMfighter News - 15-01-2008