Storm malware still blowing strong

One year on and no sign of fading away

Clement James

vnunet.com, 28 Jan 2008

The 2007 Global Threat Report from Bratislava-based security firm ESET has highlighted the huge success of the Storm worm.

The report looked at the social engineering tactics used over the past 12 months and the duration of each technique.

Advertisement

ESET believes that malware authors closely monitor the effectiveness of each ploy in an attempt to aid propagation and infection.

"Storm is a good example of a modern threat that uses advanced technology to infect PCs and maintain its foothold on compromised systems by any means available," said Andrew Lee, chief research officer at ESET.

"It is unique in that its programmers, and the bot-masters they work with, are paying a great deal of attention to maintaining the botnet, releasing frequent updates to evade detection by anti-malware and intrusion detection systems."

A sign of Storm's sophisticated structure and self-updating mechanism is that different components are detected under several different names, even by a single security product.

The Global Threat Report noted that computers running Microsoft's Windows were not the only target during 2007, and that October saw one of the first attacks targeting Apple machines running Mac OS X.

The malware attack targeting OS X resembled W32/Zlob, but was rudimentary compared to cutting-edge Windows malware.

Despite the emergence of more complex threats in 2007, older types of malware such as mass mailers are still circulating in vast quantities.

A sample of 4,251 million emails monitored by ESET from 1 January to 10 December 2007 found that 33.8 million carried malicious content such as a malware attachment or a link to a website containing malicious code.

The most prevalent email-borne threat was malware that closely resembled Win32/Stration.XW (aka Warezov or Stration) which has been around since mid-2006.

Win32/Stration.XW is used to send unsolicited emails and often arrives as an attachment which tries to disguise itself as a normal text file by modifying its own icon.

ESET saw variants of Stration during 2007 that also used MSN Messenger or Skype to send copies of themselves.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

Storm botnet connected to phishing ring

Experts fear hackers selling time on botnet

Spam levels reach 95 per cent in 2007

Spammers getting more and more inventive

vnunet.com analysis: The malware 'shadow economy'

Online criminals using techniques of the free market

Related whitepapers

Related jobs

Most watched

iPhone

Video Review: iPhone 3GS

We put Apple's latest iPhone through its paces

Xperia X1

Video Review: Sony Ericsson Xperia X1

First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1

More video

IT white papers

Search white papers

Top categories

Poll

Poll: Summer smartphones

Poll: Summer smartphones

Which smartphone will you be taking to the beach this summer?

View poll results

Advertisement

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Spotlight

a padlock

Microsoft to plug security holes

Microsoft has given advance warning of a number of security...

Nokia handset

Top 10 articles, 10 July 09

No Nokia Android phone, ActiveX attacks and Google enters into...

Can Google beat Microsoft at its own game?

Google's announcement this week that it plans to step into...

iPhone

Video Review: iPhone 3GS

We put Apple's latest iPhone through its paces

Primary Navigation