Storm Malware Continues to Maintain Strong Foothold

According to the Global Threat Report by ESET, the Storm worm circulating on the Internet was the greatest threat in 2007.

The report suggests that the authors of Storm worm used numerous social engineering tricks to get users into opening attachments or clicking malicious links in e-mails. The primary objective of this malware appears to create a powerful botnet, i.e., network of zombie or compromised computers.

The worm was used in e-mails that sent fraud information about stocks through pump-and-dump scams. It was also used to load additional malware onto victims' computers with the objective to steal their online banking details.

The malicious Storm program drew a great deal of media attention in January 2007 when spam mails laden with the worm were pushed out pretending to relate news about the Kyrill storm.

ESET notes that the Storm virus communicates information over a network that has decentralized functions, thereby making it quite difficult to count all the host machines it infected.

According to some researchers, there are over one million bot-infected systems, while at Microsoft, researchers say that only a few hundred thousand hosts have been brought under the malware's control.

Chief Research Officer, Andrew Lee, of ESET, commented that the Storm worm fairly indicates how modern threats employ advanced technologies to contaminate PCs and retain a strong hold on hijacked systems through whatever means available. Sourcewire published this in news on January 24, 2008.

Lee further said that the malware is unique as its creators along with the bot herders are paying enormous attention to ensure adequate maintenance of their botnet by often releasing updates that would help in bypassing detection by intrusion detection and anti-malware systems. He said that an indication of the diversified and sophisticated structure as well as auto-updating mechanism of Storm botnet is that several distinct names, even a single security product might be able to detect its different components. Sourcewire reported this.

In addition to highlighting the spread of Storm worm in 2007, ESET's report also notes that Windows-based computers weren't the sole targets during the year, with October witnessing attacks on Apple systems running Mac OS X.

Related article: Storm Worm Returns with Follow-Up Attack

» SPAMfighter News - 2/5/2008