Slashdot Mirror


Storm Worm Rising

The Storm worm has been an increasing problem in the last few months, but a change in tactics may mean something big is going to happen. The article discusses a bit of back story about the worm, including the somewhat frightening numbers about the millions of spam emails carrying the worm payload. They estimate between a quarter and a million infected systems usable for spam or DDOS attacks.

7 of 218 comments

  1. NO! by everphilski · · Score: 4, Insightful

    Shouldn't everyone be blocking .exe attachments at the MTA?

    NO! It's annoying enough that Google rapes through my .zip files looking for .exe's.

    If I'm working on a C++ program at work and zip it up and gmail it home (lock the computer while it uploads) and forget to 'make clean' ... I don't get my code. I know it's nitpicky and a make clean or a thumb drive will cure my problems but I'm forgetful which tends to preclude both.

  2. "The silent majority" is uninformed. by khasim · · Score: 4, Insightful

    No. "The silent majority" believe that this is the way computers just "work".

    They've been shown that in countless movies and TV shows and by "experts" on the news.

    They're the ones you see claiming that Linux and Macs will have the "same problems" as their market share increases.

    With all the past outbreaks on Windows machines, anyone who wanted to migrate has already started their migration. This won't change anything for anyone else.

    1. Re:"The silent majority" is uninformed. by Stefanwulf · · Score: 4, Insightful

      They're the ones you see claiming that Linux and Macs will have the "same problems" as their market share increases.
      Out of curiosity, what aspects of the OSX/BSD and Linux architectures are going to stop:
      • An uneducated user from executing a binary file they download from a URL they are given
      • A process that user is running from executing further code with that user's privileges
      • That user's processes from making outbound TCP/UDP connections
      • That user's processes from accessing an SMTP server to send emails
      • A user from configuring a process to run on logging in
      By my thinking, that's really all that's needed for a botnet to work on a given platform. I am certainly ignorant of many details regarding the BSD/Linux kernels and I stand ready to be corrected, but I believe I've seen all those things happening individually as part of day to day user life on my Linux box.
    2. Re:"The silent majority" is uninformed. by pjbgravely · · Score: 3, Insightful

      All of the Linux distros I've seen pack in much more than that, which seems like overkill to me. I'd also have to think that the group would find a whole new slew of annoyances with Linux as well. Especially if they can't playback music or watch videos (does YouTube work w/Linux?).

      Why wouldn't YouTube work with Linux? YouTube runs on Linux. http://uptime.netcraft.com/up/graph?site=youtube.com
      There is a Linux version of Flash, it was behind for a while but YouTube still worked even then. I have no problems playing videos on Linux, I do have problems with friends using Microsoft Windows playing anything I send them that isn't a Microsoft Windows media player file.
      --
      Star Trek, there maybe hope.
  3. Re:What does God need with a starship? by ktappe · · Score: 3, Insightful

    "Why do you need a botnet that big?" he asks. "You don't need a million [infected computers] to send spam." For spam, a million-strong botnet might be overkill. But botnets can do much more - like launching denial-of-service attacks.
    So the question is, who is controlling these botnets and why?
    It is possible that the creators of this worm did not have any idea how successful they would be. They may have figured they'd get 5,000 PCs, not 500,000. Now suddenly they have a monster by the tail and are not sure what to do with it.
    --
    "We can categorically state we have not released man-eating badgers into the area." - UK military spokesman, July 2007
  4. Re:Question on that article by anilg · · Score: 3, Insightful

    My best guess is related to the way security companies work (the pay-per-problem model).

    The companies that care enough about their security issues are those with critical servers, and many of these use win 2K3.

    Storm affecting these boxes would mean quicker detection of the virus, and lesser migration. Without these (and with users who don't update anti-virus signatures very regularly), the virus has a greater potential of spreading. Of course, the author didn't imagine Storm would be this popular, and that this anti-2k3 trick wouldn't really matter.

    --
    http://dilemma.gulecha.org - My philosophical short film.
  5. Re:More information by just_another_sean · · Score: 3, Insightful

    The examples I've seen of this don't have an attachment. It's a "click here! to view your postcard!" link in the email. Clicking the link takes you to a site that says something like "We're trying a new feature on our site, please click here if you do not see your postcard". This link is then to an executable which of course prompts you to download or run. It seems to me you'd have to be pretty naive or just plain stupid to click through to the point of infection but I'm guessing a lot of people do...

    For me the biggest problem with these is that there is no attachment for AV to pick off and there is hardly any text and no real advertising in the email so our spam filters don't block it either.

    --
    Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal