Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Storm Worm - Comprehensive Analysis by Cyber-TA

Storm One of the most technical and in-depth analysis of the Storm Worm botnet can be found in the links below. Every new development should be watched by security professionals, as these constant attacks use convincing and innovative social engineering schemes (e.g., e-cards).  Once a workstation becomes infected, it becomes a member of the botnet consisting of at least 1.6 PCs.  These infections are also difficult to detect and clean as advanced rootkit techniques are used.   

Storm Worm - Comprehensive Analysis by Cyber-TA
http://www.cyber-ta.org/pubs/StormWorm/
http://www.cyber-ta.org/pubs/StormWorm/report/
http://www.cyber-ta.org/pubs/StormWorm/links.html

Lightning QUOTE: Since early 2007 a new form of malware has made its presence known on the Internet by its prolific growth rate, its ability to distribute large volumes of spam, and its ability to avoid detection and eradication.  Storm Worm (or W32.Peacomm, Nuwar, Tibs, Zhelatin), as it is known, is a highly prolific new generation of malware that has gained a significant foothold in unsuspecting Microsoft Windows computers across the Internet. 

Storm, like all bots, distinguishes itself from other forms of malware by its ability to establish a control channel that allows its infected clients to operate as a coordinated collective, or botnet.  However, even among botnets Storm has further distinguished itself by being among the first to introduce a fully P2P control channel, to utilize fast-flux to hide its binary  distribution points, and to aggressively defend itself from those who would seek  to reverse engineer its logic. Despite all the hype and paranoia surrounding Storm, the inner workings of this botnet largely remain a mystery.

Lightning Additional Links and Information
http://en.wikipedia.org/wiki/Storm_Worm
http://www.cyber-ta.org/pubs/StormWorm/links.html

Comments

wikipedia » Storm Worm - Comprehensive Analysis by Cyber-TA said:

Pingback from  wikipedia » Storm Worm - Comprehensive Analysis by Cyber-TA

# October 21, 2007 12:57 AM