Storm Worm Erupts Into Worst Virus Attack In 2 Years - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure

Storm Worm Erupts Into Worst Virus Attack In 2 Years

Storm worm authors are blasting the Internet with two types of attacks, and both are aimed at building up their botnet.

The Storm worm authors are waging a multi-pronged attack and generating the largest virus attack some researchers say they've seen in two years.

"We are basically in the midst of an incredibly large attack," said Adam Swidler, a senior manager with security company Postini. "It's the most sustained attack that we've seen. There's been nine to 10 days straight days of attack at this level."

Swidler said in an interview with InformationWeek that the attack started a little more than a week ago, and Postini since then has recorded 200 million spam e-mails luring users to malicious Web sites. Before this attack, an average day sees about 1 million virus-laden e-mails, according to Postini. Last Thursday, however, the company tracked 42 million Storm-related messages in that day alone. As of Tuesday afternoon, Postini researchers were predicting they would see that day between 4 million and 6 million virus e-mails -- 99% of them associated with the Storm worm.

While the number of spam e-mails has dropped significantly, it's still far above normal levels, so Swidler isn't ready to say the attack is over.

The viruses are not embedded in the e-mails or in attachments. The e-mails, many of them otherwise empty, contain a link to a compromised Web site where machines are infected with a generic downloader. This helps pull the computers into the malware authors' growing botnet, while also leaving them open for further infection at a later date.

"This is designed to add computers to the botnet," said Swidler. "That's first and foremost their goal."

But the Storm worm authors aren't contenting themselves with this one attack vector.

Paul Henry, VP of technologies with Secure Computing, said in an interview that the electronic greeting card spam scam that the Storm worm authors launched early in July is stronger than ever. He noted that a friend of his has a company with 100 users and they're being hit with about 300 e-card spams every day.

"Back in December, we saw a huge spike in e-card spams because of the holiday," he added. "We are at the levels we were seeing back in December right now Most security professionals thought it would show up for Independence Day and then fade immediately, but it's been escalating for the last few weeks. It's definitely a pain point."

Again, the e-card spam message, which install rootkits in the infected computers, are working to build a botnet. Henry could not say if it's the same botnet as the other messages are building.

"I have seen thousands of these e-mails since Independence Day. It's got to be working for them or they wouldn't keep doing it," said Henry.

Just a few weeks ago, the Storm worm authors began trying to trick users with fraudulent e-mails warning unsuspecting users about virus or spyware infections. Users around the world were receiving spam messages claiming that viruses or spyware had been detected on the users' systems. It was another attempt to lure users to malicious sites where their computers could be infected.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
How CIO Roles Will Change: The Future of Work
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2021
Commentary
A Strategy to Aid Underserved Communities and Fill Tech Jobs
Joao-Pierre S. Ruth, Senior Writer,  7/9/2021
Slideshows
10 Ways AI and ML Are Evolving
Lisa Morgan, Freelance Writer,  6/28/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Video
Current Issue
Slideshows
Flash Poll