One of the Most Prolific Viruses: Storm
In last week's article we looked at some of the most powerful viruses of the past decade. Continuing with the virus theme, this week we will talk about a worm called 'Storm'. It has to be said that I am extremely impressed by the strength and capability of this worm. Obviously, as it has not been created for a good cause, I am only impressed in a disdainful fashion. Nevertheless, I believe this worm is worthy of its own article.
The Storm Worm was detected on January 17th 2007. It attacked by sending emails to thousands of computers with the subject "230 dead as storm batters Europe". The worm accounted for 8% of all infections globally after just six waves of attack. Throughout its life the worm has continued to infect people primarily in the same fashion: by sending e-mails with catchy subject lines and getting recipients to open an executable attachment (opening executable attachments is NEVER a good idea).
The rather unbelievable and arguably impressive part begins once a machine has been infected: unbeknown to the user, it becomes part of the Storm botnet, a network of remotely controlled "zombie" computers that have been infected by the Storm worm. Once it is part of the botnet, an infected machine can be told to carry out commands given by the authors. Security analysts still don't know what the country of origin is, and this is quite worrying.
Some have estimated that as many as 1 to 50 million infected computer systems make up the network; however, one network analyst who claims to have developed software to crawl the botnet estimates a more conservative 160,000 machines.
This network has been known to participate, collectively, in a number of criminal activities, from gathering user data to attacking websites and forwarding the e-mail on to more potential victims. It is estimated that approximately 5,000 zombie machines are dedicated to passing the e-mail on, with a record 57 million messages estimated to have been sent on August 22nd 2007 alone. The worm automatically re-encodes the infection software twice an hour in order to avoid detection by anti-virus scanners. This means that there are many different variants of the same worm.
The system itself works on a peer-to-peer basis (such as that employed by file sharing applications), so that externally monitoring the system and bringing down the network is made next to impossible; the machines all talk independently of a centralised server, so there is no one point of contact that can be targeted. The remote servers which control the botnet are also hidden behind a constantly changing network of proxies and constantly changing DNS (Domain Name System) addresses. The network has also shown signs of intelligent defensive behaviour, and whilst it is unknown whether these are automated or human-controlled responses, security operators who have tried to probe the network have instantly been punished with a consolidated DDoS (Distributed Denial of Service) attack from the network which instantly cripples them.
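From the defender's side, the constantly changing DNS addresses described above leave a recognisable trace in resolver logs. The following is an added example, not part of the original article: it scores passive-DNS observations by address churn, network spread and TTL. The log rows, domain names and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

def constructed_log():
    """Constructed passive-DNS rows: (unix_time, name, A record, TTL seconds).
    Names use the reserved .example TLD; addresses are documentation/private ranges."""
    rows = []
    # A stable site: the same two addresses on every lookup, long TTL.
    for t in range(0, 3600, 600):
        rows.append((t, "shop.example", "192.0.2.10", 3600))
        rows.append((t, "shop.example", "192.0.2.11", 3600))
    # A fluxing name: fresh addresses in different networks on every lookup, short TTL.
    for i, t in enumerate(range(0, 3600, 300)):
        rows.append((t, "ecard.example", f"10.{i}.{i * 7 % 256}.5", 120))
        rows.append((t, "ecard.example", f"172.{16 + i % 16}.{i}.9", 120))
    return rows

def summarise(rows):
    """Per-name count of distinct addresses, distinct /16 networks, and median TTL."""
    ips, ttls = defaultdict(set), defaultdict(list)
    for _ts, name, ip, ttl in rows:
        key = name.lower()
        ips[key].add(ip)
        ttls[key].append(ttl)
    out = {}
    for name, addrs in ips.items():
        nets = {".".join(ip.split(".")[:2]) for ip in addrs}  # crude /16 grouping
        out[name] = {"ips": len(addrs), "nets": len(nets), "ttl": median(ttls[name])}
    return out

def flag_fast_flux(rows, min_ips=10, min_nets=5, max_ttl=300):
    """Names whose answers rotate across many networks with short TTLs.
    Thresholds are assumptions for this example; tune them on your own traffic."""
    return sorted(name for name, s in summarise(rows).items()
                  if s["ips"] >= min_ips and s["nets"] >= min_nets and s["ttl"] <= max_ttl)

if __name__ == "__main__":
    for name, stats in summarise(constructed_log()).items():
        print(name, stats)
    print("flagged:", flag_fast_flux(constructed_log()))
```

Large content delivery networks also answer with short TTLs and many addresses, so a flagged name is a lead for triage rather than a verdict.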
The overall power of the network cannot be accurately estimated, but if we work on a relatively conservative assumption that there are one million zombie machines (with broadband connections) being controlled from one source, then the potential combined computing power and Internet bandwidth is quite staggering. If a network such as that created by Storm can exist through such a simple method of infection as an executable e-mail attachment, then we could be in real trouble in the future should the method of infection become more advanced and require no user interaction, such as that employed by the Sasser worm which we covered last week.

