Storm builds the world's biggest botnet

Storm may not be the most creative or malicious piece of malware ever written, but it's on track to become the most productive; threat researchers' recent estimates put the number of PCs it has infected at more than 1 million.

First showing up on researchers' radars about a year ago, Storm is defined by some as a worm and by others as a Trojan horse.

Though it has gone by many names, Storm - a reference to the spam blasts it has been behind that mention storms - is the one that has stuck.

Although it doesn't use any particularly inventive or malicious techniques, such as erasing files on a hard drive or recording keystrokes to capture passwords and personal information, it has gained notoriety through its writers' ability to update and adapt both the malware's code and the spam blasts that lure people to become infected with it - all with the purpose of building a giant botnet.

"Storm is a very aggressive worm," said John Levine, co-chair of the Internet Research Task Force's Anti-Spam Research Group. "It's interesting because it uses a [peer-to-peer] control structure that makes it hard to kill."

Most threat watchers say no one knows who is behind Storm, but Finnish antivirus maker F-Secure said a group called the Zhelatin Gang is responsible. F-Secure believes the gang is operating out of Russia. The security firm also said that Storm is the largest botnet in the world with slightly more than 1 million infected PCs.
