However, Storm is not static. Three hundred thousand PCs may be cleaned up while Storm is recruiting another half a million. It is like a never-ending cyber game of whack-a-mole. Part of the Storm DNA is to recruit to replace fallen or patched machines. In older botnet systems, a system administrator cleaned and patched a system and it was cured. Storm is a new epidemic; a network can get cleaned of one version and get re-infected tomorrow. Regardless of its actual current size Storm and its archetype represents a substantial risk in computational power.
What makes it different from other malware?
Past malware iterations were one trick ponies, focusing on a single method of attack that, once discovered, was easily patched and mitigated by the security industry. Storm is unprecedented in the elegant combination of independently innovative tricks it uses to obfuscate signature anti-virus. Just as unique and impressive, is Storm’s masterful use of effective Social Engineering to deliver its malware.
Is Storm just being used to send spam?
No. Storm has three recognized revenue opportunities, but is not limited to these:
1. Botnet Rentals: The large scale of the botnet is being used as real-estate for the spam community, with portions being rented/or leased by spammers to send spam using Storm as the middleman.
2. Stock Market Manipulation: Penny stock trades are being performed through mass-marketed phishing schemes to artificially inflate stock prices, creating a profit scheme for those playing the “pump and dump” stock game.
3. DDoS for Hire: Although this does not appear to be a primary source of revenue, the massive size of Storm could easily take down any Fortune 50 company, holding the servers out for ransom or simply disrupting business. Additionally, as a form of self-preservation, Storm has launched DDOS attacks on companies that have security researchers working to mitigate the botnet.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.