Slashdot Mirror
Storm Worm Botnet Partitions May Be Up For Sale
Bowling for cents writes "There is evidence that the massive Storm Worm botnet is being broken up into smaller networks, and a ZDNet post thinks that's a surefire sign that the CPU power is up for sale to spammers and denial-of-service attackers. The latest variants of Storm are now using a 40-byte key to encrypt their Overnet/eDonkey peer-to-peer traffic, meaning that each node will only be able to communicate with nodes that use the same key. This effectively allows the Storm author to segment the Storm botnet into smaller networks. This could be a precursor to selling Storm to other spammers, as an end-to-end spam botnet system, complete with fast-flux DNS and hosting capabilities."
Doesn't matter if there's an update _after_ your system has been compromised. If updates were the answer to the botnet problem (instead of putting a band-aid on a bullet wound), then MS would actually have something to brag about...