By Stevie Smith Oct 31, 2007, 13:29 GMT
By exploiting the security vulnerabilities of out-of-date and/or unprotected PC systems, the trend of interlinked ‘zombie’ computers, which unwittingly provide the required networking power for the delivery of Internet spam attacks, is on the rise, with a new ‘Storm’ strain currently on the warpath.
Furthermore, according to research issued by security specialist Trend Micro, around 20 percent of the world’s computers have now been turned into zombie systems, all of which can be controlled by hackers and cyber criminals to conduct nefarious activities such as blanket e-mail spam, ‘click fraud/data theft’, and the potentially destructive ‘denial-of-service’ business attack.
The Storm worm has emerged as a particularly potent strain of zombie software, which is reportedly responsible for stealthily attacking and networking somewhere between 15 and 50 million computer systems, relays a Forbes article.
Referred to as possibly the biggest threat the security industry has ever seen by IBM’s Internet Security Systems’ Josh Corman, the Storm worm is described as being "patient, resilient, adaptive and invisible."
Storm is delivered via infected spam e-mails designed to tease users into opening the message through a wide variety of ever-changing topical news titles, which include "US secretary of state Condoleeza Rice has kicked German chancellor Angela Merkel", "British Muslims genocide", "log-in verification", "a killer at 11, he’s free at 21 and kills again", and "230 dead as storm batters Europe", which is apparently the first e-mail title to have hidden the worm back in January of 2007.
While Storm has thus far only been used to deliver spam e-mail to increase its entrenchment, security sources believe its potency could evolve to the point where government Web sites could be hit with massive denial-of-service attacks. One belief is that Storm’s zombie network could also be split into smaller networks, which would then be sold on to the highest bidder for other criminal uses.
Worse still is that having current anti-virus and Internet security software installed on your computer is no guarantee of locating and eradicating Storm. Corman notes, somewhat worryingly, that the worm is able to mutate as often as every 30 minutes, updating itself so fast that modern scanning software simply cannot follow its trail. He also offers that Storm can essentially brainwash anti-virus software so that it appears to be running but is actually totally ineffective.
Also, security firms working to bring down Storm, such as Spamhaus and Secureworks, are being hit by denial-of-service attacks courtesy of the worm’s creators.
The common attitude towards Storm is that there’s no real solution at this point, short of finding the worm’s creators and arresting them, though users are of course warned against opening any unsolicited e-mail or unknown e-mail attachments, which will at least squeeze Storm’s main vein of infection.
Your Talkback on this Story