genesbmx Site Admin

Joined: 22 Mar 2006 Posts: 838 : Location: Wenatchee, Washington
Posted: Fri Aug 03, 2007 11:36 pm Post subject: Storm E-mail Worm Evolves As It Wreaks Havoc

Storm E-mail Worm Evolves As It Wreaks Havoc On Net
Las Vegas, NV -- 08/03/2007

Like a summer cyclone gathering force, the Storm e-mail
worm is casting an expanding shadow on the Internet.

Storm first spread to e-mail in-boxes in Europe and the USA in January -
enticing recipients to click on a link for a fake news story about a deadly
storm or other dramatic event. Clicking on the link turned the PC over to
Storm's controller.

As security companies began blocking such e-mail, Storm instead started
sending out links to tainted e-cards purportedly from family or friends.

"It's the perfect example of the cat-and-mouse game where the author
modifies the threat to stay ahead," says Ben Greenbaum, senior
research at anti-virus supplier Symantec. (SYMC)

At the Black Hat security conference here, Atlanta-based security firm
SecureWorks said Thursday that it has blocked 20 million copies of
Storm from hitting e-mail in-boxes at its 1,800 clients since June.

New versions of Storm continue to swamp e-mail in-boxes. Clicking a
tainted link causes the victim's PC to be quietly added to a sprawling
network of infected "bot" PCs, says SecureWorks senior researcher Joe
Stewart.

Storm's controller has used this bot network to relay millions of e-mail
messages hyping cheap shares in obscure public companies. The crooks,
of course, own shares in the companies. Once the spam drives up the
price, they dump the shares at a profit.

Stewart has done groundbreaking work tracking Storm's pump-and-dump
activities. The number of active Storm bots zoomed to 1.7 million by the
end of July, up from 2,815 at the end of May.

Security firms have tried to stem Storm's damage by setting up virtual
computers, called honeypots, to receive the e-mails carrying fake e-cards.
Filters can then be put in place to block such e-mail. But Storm's author
quickly adjusted. The latest version detects virtual machines and does
not infect them.

None of the techniques Storm's author has used are new.
But combining them toward a single goal has never been
done on this scale.

"They are sending it out very aggressively," says
Mikko Hypponen, senior researcher at anti-virus firm F-Secure.

Storm has resulted in far and away the largest bot network ever
measured, Stewart says. He worries that the author has other
profit-making activities in mind.

"It could be the hacker is rapidly building up the botnet so it can be
leased to other hackers, so that they can launch massive attacks
against whatever target they choose," he says.

Stewart's advice: Keep anti-virus software up to date and be suspicious
of any e-mail attachment or link, even from what appears to be a familiar
source.

_________________
Geneb...Wenatchee,Washington-USA
All Things Northwest in BMX!
***** Gene`s BMX *****
http://www.genesbmx.com