Internet and e-mail policy and practice
including Notes on Internet E-mail


23 Oct 2007

How big is the Storm botnet? Email

The Storm worm has gotten a lot of press this year, with a lot of the coverage tending toward the apocalyptic. There's no question that it's one of the most successful pieces of malware to date, but just how successful is it?

Last weekend, Brandon Enright of UC San Diego gave an informal talk at the Toorcon conference in which he reported on his analysis of the Storm botnet. According to his quite informative slides, Storm has evolved quite a lot over the past year, with both upgrades to the underlying engine and a variety of applications, most of which involve sending spam. (If you've gotten pump and dump spam with the message in an MP3 audio file, that's Storm's latest campaign.)

Enright says that although Storm's peer-to-peer control structure makes it harder to map than centrally controlled botnets, its P2P design is relatively simple, and is similar enough to the eDonkey network that he could adapt tools designed for eDonkey to map Storm. While it's never possible to find the exact size of a P2P network since nodes are constantly going on and off line, his statistics suggest that Storm consists of hundreds of thousands of nodes, not millions. While that's a lot, it's in the same range as other botnets. What really sets Storm apart is its operators' skillful social engineering that constantly comes up with new tricks to get people to click on links that infect their Windows PCs.

The slides are somewhat technical but easy enough to follow, and are worth a look.


posted at: 23:39

comments...


Note that these numbers are only tracking "old" storm nodes that haven't managed to get updated with the newer encrypted communications module. So the numbers are unfortunately way off.

I don't think Storm is as huge as it has been, but it's still pretty powerful.

(by Matt Sergeant 26 Oct 2007 09:49)


© 2005-2009 John R. Levine.