The Inquirer-Home

Storm Work botnet broken up

Up for sale
By Nick Farrell
Wed Oct 17 2007, 10:13

SECURITY expert Joe Stewart reckons that the Storm botnet has been broken up into smaller networks so that it can be flogged to spammers and DoS attackers.

Stewart, who works for SecureWorks, said the latest variants of Storm are now using a 40-byte key to encrypt their Overnet/eDonkey peer-to-peer traffic.

Writing in his bog, Stewart said that this allows the Storm author to segment the botnet into smaller networks and flog it off to other spammers.

He warned that if this happens the Storm Work network would be all over the net really quickly.

It has been estimated that between one to 10 million CPUs are part of the Storm Work network.

On the plus side, Stewart said that the new encryption scheme meant it was easier to distinguish Storm-related traffic from legitimate Overnet/eDonkey P2P traffic. ยต

Share this:

Comments
Too Legit To Quit

Ha ha you just said "legitimate eDonkey P2P traffic".
Chortle!

posted by : Grunchy, 17 October 2007 Complain about this comment
aboutus
Advertisement
Subscribe to INQ newsletters
Click here to sign up
INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage
Advertisement
INQ Jobs
INQ Poll

Facebook starts selling shares

Will you buy Facebook shares?

View other polls
Follow us:
Business & Technology websites:
Business research resources:
Products:
Investment Market IT websites:
Find out what you are worth:
Search for a job:
Recruitment Agency A-Z Directory
Accreditations: