Storm creators offer their botnet for lease
For nearly a year, cyber-security researchers have tracked the Storm worm as its malicious code spread across the Internet, drawing computers into a growing botnet of hijacked computers. Now, they’ve found evidence that segments of its zombie army are being rented to the highest bidder. Over the past week, researchers at Finnish security company F-Secure have identified what they say is the first use of Storm’s massive “botnet”–a collection of hundreds of thousands of computers hijacked with hidden software–to steal users’ banking information.
Tracing the physical location of phishing sites that impersonated pages from U.K.-based Barclays and Halifax banks, F-Secure’s researchers found that they were hosted on the same Russian server used for distributing Storm in recent weeks. F-Secure’s researchers also report the software used to mimic Barclays’ and Halifax’s banking sites is a primitive phishing kit from 2004–a sign that Storm’s innovative creators are renting out their real estate to less savvy cyber-criminals. More than other strains of malicious code, the Storm worm has proven itself difficult to outsmart since it was discovered in January 2007. Researchers have struggled to keep up with its quick metamorphoses and smart spam campaigns that use attached PDFs, e-cards, and even YouTube invitations to infect users with malicious software.
Unlike other botnets, Storm has no single command-and-control point–it functions as a peer-to-peer system where any hijacked computer can give and receive commands. That means shutting it down isn’t as simple as alerting the Internet service provider where the botnet is hosted. “Storm is so well written that we have no idea of how to make it go away,” says Bruce Schneier, a security researcher for BT Counterpane. “Usually, we find the controller and nuke it. This thing has no controller.” Until now, Storm’s creators have been focused on growing its ranks: Infected computers have sent out spam, drawing users to compromised Web sites that hijack more PCs. If Storm’s zombie army is shifting into mercenary mode, researchers say, it could mark another step in the evolution of cybercrime. Update your firewall and antivirus today!
Source: Forbes

Comments(41)
oh i’m real scared….
When will pple learn to use anti virus software…. very interesting article though, thanks.
Someone just mentioned antivirus….seems u dont really know how these things work.
i think storm is awesome, they nuke anyone offline that tries to investigate them.
storm knows, and punishes.
@ Tim
i dont use an Anti-Virus too.. but i never get/got infected.
Its just the Stupidity of the computer users who get them infected!
to dean, anti virus software often comes with an anti-spam protection.
Sounds a little terminator-ish 2 me…..
Computer virus that works with-out host.
*Locks Bomb-shelter*
aint no place like home, aint no place like home, aint no place ……. ***nuke*** KABLAMO
If the governments have taught us anything, Just remember, duck and roll and u will b just fine….. or hide under a wooden table, yeah that’ll work… nervous lol
wonder if AVG has a update 4 this? LMFAO @ 2… u so crazy
mmm, i should start saving now. sounds like a nice investment
***wonders if somehow VISTA is 2 blame***
Thanx Bill
OMFG…!!
OH NOEZ!!
Well, go and blow off the Internet then.. ._.
anti-phishing** protection
@ 7. oneSh@DyTHUG LOLOLOL
Duck…….and cover! http://www.youtube.com/watch?v=lW4s7TETtJA
Can Sum1 tell me how to install storm on my pc?
@ 13 yeah just open every dodgy email you receive and follow the links, I’m sure you’ll get it soon enough!
St0rm – Russian Business Network (RBN)
Change your OS , don’t bother your sleep with upgrades of FW and AV.
Choose linux and forget your troubles.
and forget your games and 95% of your software, since none of it works on Linux.
http://www.reactos.org/en/index.html
looks like its going to be good
@17
Use wine, you can play most games on linux with that
Ha ha, if the world ends, it will be because of Windows’ broken security design.
Linux ain’t got problems here. OS X got fewer than Windows. But the world insists on continuing to use a broken piece of crap called Windows.
It’s your own fault then. I’ve made my choice and am safe.
@18,
thx man checking it out now
@20: You cannot compare Windows to anything until it is equally as popular. And it is hardly broken. I have a total of what, 0 crashes a month and don’t have to restart for weeks if I wanted to.
With due respect to the Linux spammers here, I prefer not to spend 10000 hours trying to look for drivers that don’t exist and having to throw away software I hold dear and have worked for me. I’ve heard Linux has changed but I still don’t like it regardless of how well my quadcore might run on it. If games run on Linux without hundreds of hours of finding software, drivers and all sorts of alcoholic drinks for it (I don’t like wine, I much prefer Baileys XD) then I’ll consider.
where is the eBay link? i wanna bid.
could be a sweet attack on MAFIAA.
someone really needs to do something about the storm. it’s the single biggest threat to the internet.
imagine the “hundreds of thousand” computers beginning to make coordinated ddos attacks on all the TLD’s
The Storm does sound a little bit like the early stages of Skynet (discarding the fact that in the movie it wasn’t a virus to begin with) Maybe we will see something cool when Storm acquires awareness! ;D
These rootkits are getting worse.
They need to find the criminals doing this instead of targeting the P2P community.
At least we all won’t be scammed.
When will ppl learn not to use Internet Explorer and switch to Firefox with fijan and site sit advisor.
FFS
Upon first hearing about the Storm BotNet I seriously thought it was fake. A malware network that can take down small countries? You must be joking.
I wish they were.
This thing is growing by the day and the people behind it are always well ahead of the people trying to take it down. If this power is in the hands of organized crime groups then there are a lot of companies and governments that should be pooping their pants right now.
Unless a company or government is in control of it……Russia……China? Not a nice thought.
Install linux on some oldie computer and run your windows computer through that, bam no problems.
Notice it’s a warning put out by an AV company, and not one of the big ones either… Scare tactic? I’m surprised nobody has commented on this by now. Run your updates, keep your AV proggy up to date, and toss out your foil hat.
@18: If it’s 100% compatible with Windows binaries, won’t it be 100% compatible with the virii too?
If you wanna get in on a botnet, or even the storm worm, just keep on DL’ing CORE and other “release” groups stuff off here and other torrent sites. This place is filled with infected programs.
These people that write these programs and botnets need their nuts ripped off with a pair of vice-grips.
i would really love to see Storm in action.
@ 5 if u dont use an anti virus then how do you know you haven’t been infected numb nuts
LOL
We all should know to have at least minimum anti virus, heck u can even get a few for free if u look in the right places
he he
I only do my banking from my work pc which is better protected than my home pc as im always d/ling crap from the net.
Its hit n miss really, by the time we hear about it it could be too late. the only way to be sure is unplug that modem rofl
@13 http://happycards2008.com/
You don’t need AV if you have linux or beos !
I will never trust any OS enough not to have any brand of Antivirus.
On another note MS 2 new patches from this tuesday, really slowed down my PC on login. Anyone else having this problem.
It seems to take forever to load the settings.
wow, a lot of people talking about how to prevent your computer from being infected..how about the botnet itself? I’m sorta confused here.
Storm is P2P based, taking its commands from OTHER clients. So, what makes it so damn hard for one client to send out a self destruct command?
“metamorphoses”? Sounds like SkyNet is taking over! Dam it, wheres Arnold when you need him?!
30 (K7) has a point. If windows software works on it, then the virii will work on it also. Making it no more secure, in fact, probably less secure.