Holiday Spam Quadruples Storm Worm Infections
The flood of phony e-greetings cards spammed out over the holidays may have helped to more than quadruple the number of Microsoft Windows PCs infected with the "Storm worm," new research suggests.
By mid-December, the size of the Storm worm "botnet" - or pool of infected machines that Storm's author(s) control from afar - stood at around 5,000 to 10,000 systems, according to estimates by researchers at the German Honeynet Project, which has been tracking the size and activity of Storm for several months. This was fairly close to a historic low for a botnet, that by some estimates claimed between one and 10 million infected PCs in the middle of 2007.
Just before Christmas Eve, Storm began to stir again: Inboxes around the world began choking on a flood of Storm-worm laced fake e-greetings cards bearing holiday greetings. A few days later, another wave of bogus greeting cards - this time with New Year's salutations -- was blasted out with Storm attached.
Apparently, that campaign was largely successful at breathing new life in the Storm botnet, which now stands at a more robust 40,000 infected systems, said Thorsten Holz, one of the founders of the Honeynet Project.
Check out the graphic at the right for a look at the Storm botnet's growth over the holidays. Holz said the up-and-down pattern seen throughout the graph probably is caused by the regular, diurnal pattern of infected machines being turned off for the evening and restarted again in the morning. Such a strong, consistent pattern may also suggest that the bulk of the infected PCs are located within a relatively small number of time zones (e.g., the United States).
Posted by: brucerealtor | January 4, 2008 2:39 PM | Report abuse
Posted by: Keith Warner | January 4, 2008 10:19 PM | Report abuse
Posted by: DB Cooper | January 5, 2008 12:07 AM | Report abuse
Posted by: Mike | January 5, 2008 7:37 AM | Report abuse
Posted by: Dominique | January 6, 2008 2:15 PM | Report abuse
Posted by: Dominique | January 6, 2008 2:18 PM | Report abuse
Posted by: botnix | January 9, 2008 9:08 AM | Report abuse
The comments to this entry are closed.