Slashdot Mirror

← Back to Stories (view on slashdot.org)

Storm Worm More Powerful Than Top Supercomputers

Posted by ScuttleMonkey on from the spamalot dept.

Stony Stevenson writes to mention that some security researchers are claiming that the Storm Worm has grown so massive that it could rival the world's top supercomputers in terms of raw power. "Sergeant said researchers at MessageLabs see about 2 million different computers in the botnet sending out spam on any given day, and he adds that he estimates the botnet generally is operating at about 10 percent of capacity. 'We've seen spikes where the owner is experimenting with something and those spikes are usually five to 10 times what we normally see,' he said, noting he suspects the botnet could be as large as 50 million computers. 'That means they can turn on the taps whenever they want to.'"

2 of 390 comments (clear)

  1. STILL NOT A WORM by Dibblah · · Score: 5, Informative

    ,ad88888ba          88  88  88        888b      88
    d8"     "8b  ,d     ""  88  88        8888b     88                ,d
    Y8,          88         88  88        88 `8b    88                88
    `Y8aaaaa,  MM88MMM  88  88  88        88  `8b   88   ,adPPYba,  MM88MMM
      `"""""8b,  88     88  88  88        88   `8b  88  a8"     "8a   88
            `8b  88     88  88  88        88    `8b 88  8b       d8   88
    Y8a     a8P  88,    88  88  88        88     `8888  "8a,   ,a8"   88,
    "Y88888P"   "Y888   88  88  88        88      `888   `"YbbdP"'    "Y888

                    db
                   d88b
                  d8'`8b
                 d8'  `8b
                d8YaaaaY8b
               d8""""""""8b
              d8'        `8b
             d8'          `8b

    I8,        8        ,8I
    `8b       d8b       d8'
    "8,     ,8"8,     ,8"
      Y8     8P Y8     8P   ,adPPYba,   8b,dPPYba,  88,dPYba,,adPYba,
      `8b   d8' `8b   d8'  a8"     "8a  88P'   "Y8  88P'   "88"    "8a
       `8a a8'   `8a a8'   8b       d8  88          88      88      88
        `8a8'     `8a8'    "8a,   ,a8"  88          88      88      88
         `8'       `8'      `"YbbdP"'   88          88      88      88

    Yes, nasty ASCII art.

    Just in case you hadn't guessed (which it appears that the meeedia has not) - This Is A Trojan. Which means that it's Powered By Stupid People (tm). A worm would be Powered By Stupid Programmers (tm).

    The Storm Worm is in fact already defined - It was an IIS worm. Please, feel free to look at the reputable AV lists.

    1. Re:STILL NOT A WORM by VENONA · · Score: 4, Informative

      Parent 100% correct. Though it's easy to see how people can be mislead, as even some of the security sites are calling it a worm. http://www.secureworks.com/research/threats/view.h tml?threat=storm-worm
      gives you some information on how it operates (as of 2/07, and the names of the executables you had to click on to infect yourself have probably changed since then)

      The original storm.worm (2001) attacked unpatched MS IIS servers, and actually was a worm.
      http://www.securiteam.com/securitynews/5DP0B0K4KG. html

      How this got so large is a pretty sad commentary. First off, it's proof that people will still click on attachments without verifying whether they're legitimate. I'm not convinced that any amount of training will ever stop this behavior. It hasn't worked over the *last* ten years, at any rate. Second, several virus scanners would have detected it, if they'd been kept updated. Thirdly, I've seen this running from within a couple of corporate LANs, which implies that even corporations don't always keep anti-virus software up to date, or monitor for P2P traffic, which IMO should very seldom be allowed on a corporate network.

      --
      What you do with a computer does not constitute the whole of computing.