Storm and the Future of Social Engineering

← Back to Stories (view on slashdot.org)

Storm and the Future of Social Engineering

Posted by ryuzaki0 on Thursday June 12, 2008 @12:51AM from the worming-around-under-my-skin dept.

Albert writes "Storm shows several key characteristics, some new and advanced. It uses cunning social engineering techniques — such as tying spam campaigns to a current event or site of interest — as well as a blend of email and the Web to spread. It is highly coordinated, yet decentralized — and with Storm using the latest generation of P2P technology, it cannot be disabled by simply 'cutting off its head.' In addition, Storm is self-propagating — once infected, computers send out massive amounts of Storm spam to keep recruiting new nodes."

6 of 77 comments (clear)

Min score:

Reason:

Sort:

How is this news? by Magada · 2008-06-12 00:57 · Score: 5, Informative

The worm's been around for the better part of a year now and these features are in it from the beginning.

--
Something bad is coming when people are suddenly anxious to tell the truth.
1. Re:How is this news? by jeiler · 2008-06-12 01:05 · Score: 5, Insightful
  
  Not to mention that many of the "new social engineering tricks" have been used since the beginning of Usenet. Methinks net-security.org is reaching for this story.
  
  --
  If you haven't been down-modded lately, you aren't trying.
  Sacred cows make the best hamburger.
This is simply an advertisment by Silver+Sloth · 2008-06-12 01:01 · Score: 5, Informative

This is just a puff piece for IronPort - nothing to see here, move along

--
init 11 - for when you need that edge.
Self created problem? by Anonymous Coward · 2008-06-12 01:02 · Score: 5, Interesting

Social engineering is often a bit of a self created problem. Look at this (legitimate, yes, I confirmed) email I got today. I reported a very easily reproducible bug, in a internet hosting (for a client) software package. Here is there response:

Hi Eric

Please forward us the username and password that your using so we can login and test this problem

Cheers,

Bruce Renner
Betta Computer Services Pty Ltd
Unit 2 / 55 Tradelink Rd, Hillcrest, 4118
Ph: 3809 2999
Fx: 3809 3999

http://www.bettacomputers.com.au

Note: This message may contain privileged and confidential information that is the property of the intended recipient. The information herein is intended only for use of the addressee. If you are not the intended recipient, then you are requested to return e-mail to Betta Computer Services Pty Ltd and destroy any copies made. Copying or disseminating any of this message is prohibited. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of Betta Computer Services Pty Ltd.
Lets get the ISPs involved! by thomasdz · 2008-06-12 01:08 · Score: 5, Funny

Since the article mentions "and with Storm using the latest generation of P2P technology"
I think the only reasonable solution to this is to for all of us to call our ISPs and demand that this "P2P" thing be either throttled back or somehow forced to stop, perhaps by sending out fake RST packets whenever the ISP sees "P2P traffic. Yeah, let's all do that so we can nip this Storm bot in the bud.

--
Karma: Excellent. 15 moderator points expire sometime.
Re:ZOMG BOTZ by Magada · 2008-06-12 01:13 · Score: 5, Interesting

Speaking as someone who's in the business... pretty much, yes. Also, IronPort is on a charm offensive because of the takeover - trying to convince everyone that they won't be less nimble now that they're chained to the big ol' dinosaur in the corner.

--
Something bad is coming when people are suddenly anxious to tell the truth.