Slashdot Mirror

← Back to Stories (view on slashdot.org)

Storm Worm Being Reduced to a Squall

Posted by Zonk on from the blood-pressure-lowering-sight-returning dept.

Rumours of financial schemes surrounding the botnet aside, PC World has an article that should lower the blood pressure of some SysAdmins. The Storm Worm botnet is apparently shrinking. A researcher out of UC San Diego who has been tracking the network has published a report indicating it is now only 10% of its former size. "Some estimates have put Storm at 50 million computers, a number that would give its controllers access to more processing power than the world's most powerful supercomputer. But Enright said that the real story is significantly less terrifying. In July, for example, he said that Storm appeared to have infected about 1.5 million PCs, about 200,000 of which were accessible at any given time. Enright guessed that a total of about 15 million PCs have been infected by Storm in the nine months it has been around, although the vast majority of those have been cleaned up and are no longer part of the Storm network."

7 of 183 comments (clear)

  1. don't be sure by phantomfive · · Score: 5, Insightful
    The researcher determined this with a spider he created to crawl the storm network. How does he know that the network is shrinking and not just being partitioned?

    Furthermore, the storm virus is known to be updatable. Is it possible it was updated to be even less obtrusive, thus escaping detection in other ways? Maybe it has gone into dormant mode, because the creator doesn't need so many computers at the moment.

    One interesting innovation of the worm, quoted from the article:

    "If you're a researcher and you hit the pages hosting the malware too much... there is an automated process that automatically launches a denial of service [attack] against you," he said. This attack, which floods the victim's computer with a deluge of Internet traffic, knocked part of the UC San Diego network offline when it first struck.

    I think some part of me must be sick or something, because when I read about this I almost hope the worm will get bigger, become unstoppable, and reveal windows for the insecure piece of crap that it is. Linux, BSD, OSX, Solaris, and heck even Minux could clearly stand up to a threat like this much more easily than Windows.

    --
    Qxe4
    1. Re:don't be sure by John+Hasler · · Score: 4, Insightful

      > I think some part of me must be sick or something, because when I read about this I
      > almost hope the worm will get bigger, become unstoppable, and reveal windows for the
      > insecure piece of crap that it is.

      Already been done. Nobody cares.

      --
      Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
    2. Re:don't be sure by phantomfive · · Score: 4, Insightful

      Heh, I knew someone was going to trot out this old troll. The point is, it would be much easier to secure unix-type systems than windows-type systems. Compare Microsoft's budget to that of OpenBSD; now tell me, which is more secure?

      For it to be effective as a virus, it is going to have to install itself to startup somehow. What is going to do, add a line to my .bashrc? Add a script to /etc/rc.d? It can't do that, only root can, and I don't browse the internet as root. Nobody does.

      You may say, "it will prompt you for the password and idiot users will just type it" but you are showing your Windows bias. On windows, you get so many popup prompts that many users just ignore them and do whatever they ask. OSX has shown that it can be done differently, however. Ask any average OSX user what they would do if a downloaded attachment asked them for their root password, and they will say something to the effect of, "Freak out and delete it immmediately." It's because the warnings and prompts in OSX don't become annoying.

      Security on Windows is hard. For any vulnerability, it takes a lot more effort to fix on Windows than a similar vulnerability in a Unix system. In unix-world, fixing the OS is an option.

      --
      Qxe4
  2. Re:Mac and Linux users by TheRaven64 · · Score: 3, Insightful

    Just breathed a collective sigh of relief... Oh wait, maybe they were just rolling their eyes and sighing. No, we get spam from Windows zombies the same as everyone else.
    --
    I am TheRaven on Soylent News
  3. Re:Mac and Linux users by Torvaun · · Score: 3, Insightful

    Windows can be secured. I've got an XP desktop for gaming, and I run Linux on my laptop. Neither of them get viruses. My protection suite is all free software, so there's no annual fee there. And, if enough regular people switched to something with a Unix base, they'd have virus issues too. There are viruses and rootkits for systems other than Windows. They aren't prolific because the average moron who clicks everything is on Windows.

    Yes, those systems are more secure than Windows. No, they are not secure enough to deal with the assault of a wave of moronic users. Feel free to dream of an exodus away from Windows, but understand that nothing will change, even if your dream comes true.

    --
    I see your informative link, and raise you a pithy comment.
  4. Re:Oblig. by morgan_greywolf · · Score: 3, Insightful

    I think that the problem of viruses would be greatly reduced if people were less ignorant about viruses.


    I think the problem of viruses would be greatly reduced if people were less ignorant about how their behavior causes them to get viruses.

    Windows can be an okay operating system security-wise, if people didn't do these things:

    Run Internet Explorer: IE is buggy and and insecure. If everyone replaced it with Firefox with the NoScript plugin installed, you could watch how much fewer viruses there would be.

    Run Outlook or Outlook Express: Mail programs shouldn't have scripting abilities that can take control of the entire OS. Watch how much fewer viruses would exist if people would run Thunderbird instead.

    Download programs from untrusted sites: Lots of random malware, spyware and viruses are installed because users the latest 'cute' or 'cool' thing their friend told them about.

    Enable VBA macros to autorun in Microsoft Office documents. Turn off macros.

    Run as Administrator: Either learn how to use your OS properly or upgrade to Vista. Seriously.


    Eliminate these behaviors and you will have removed the most common vectors of infection on Windows machines.

    --
    My blog
  5. Re:Spread of Windows by diskis · · Score: 3, Insightful

    That argument is getting a bit dated. Linux is used more and more as servers. More processing power, more bandwidth and not so competent administrators. I know a lot of machines sitting un-updated on 100mbit or faster. They have been sitting for years serving as storage for irc logs, simpsons episodes and funny pictures. Still they are not part of any botnets.