
Storm botnet


The Storm botnet or Storm worm botnet (also known as Dorf botnet and Ecard malware) is a remotely controlled network of "zombie" computers (or "botnet") that have been linked by the Storm Worm, a Trojan horse spread through e-mail spam. At its height in September 2007, the Storm botnet was running on anywhere from 1 million to 50 million computer systems, and accounted for 8% of all malware on Microsoft Windows computers. It was first identified around January 2007, having been distributed by e-mail with subjects such as "230 dead as storm batters Europe," giving it its well-known name. The botnet began to decline in late 2007, and by mid-2008 had been reduced to infecting about 85,000 computers, far fewer than it had infected a year earlier.

As of December 2012, the original creators of Storm had still not been found. The Storm botnet displayed defensive behaviors indicating that its controllers were actively protecting the botnet against attempts at tracking and disabling it, by specifically attacking the online operations of some security vendors and researchers who had attempted to investigate it. Security expert Joe Stewart revealed that in late 2007 the operators of the botnet began to further decentralize their operations, possibly with plans to sell portions of the Storm botnet to other operators. It was reportedly powerful enough to force entire countries off the Internet, and was estimated to be capable of executing more instructions per second than some of the world's top supercomputers. The United States Federal Bureau of Investigation considered the botnet a major risk for increased bank fraud, identity theft, and other cybercrimes.

First detected on the Internet in January 2007, the Storm botnet and worm are so called because of the storm-related subject lines their infectious e-mail initially employed, such as "230 dead as storm batters Europe." Later provocative subjects included "Chinese missile shot down USA aircraft" and "U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel." Some information security professionals suspect that well-known fugitive spammers, including Leo Kuvayev, may have been involved in the operation and control of the Storm botnet. According to technology journalist Daniel Tynan, writing under his "Robert X. Cringely" pseudonym, a great portion of the fault for the existence of the Storm botnet lay with Microsoft and Adobe Systems. Other sources state that Storm Worm's primary method of victim acquisition was enticing users via frequently changing social engineering (confidence trickery) schemes. According to Patrick Runald, the Storm botnet had a strong American focus, and likely had agents working to support it within the United States. Some experts, however, believe the Storm botnet controllers were Russian, some pointing specifically at the Russian Business Network, citing that the Storm software mentions a hatred of the Moscow-based security firm Kaspersky Lab, and includes the Russian word "buldozhka," which means "bulldog."


Wikipedia
