SECURITY expert Joe Stewart reckons that the Storm botnet has been broken up into smaller networks so that it can be flogged to spammers and DoS attackers.
Stewart, who works for SecureWorks, said the latest variants of Storm are now using a 40-byte key to encrypt their Overnet/eDonkey peer-to-peer traffic.
Writing in his bog, Stewart said that this allows the Storm author to segment the botnet into smaller networks and flog it off to other spammers.
He warned that if this happens the Storm Work network would be all over the net really quickly.
It has been estimated that between one to 10 million CPUs are part of the Storm Work network.
On the plus side, Stewart said that the new encryption scheme meant it was easier to distinguish Storm-related traffic from legitimate Overnet/eDonkey P2P traffic. µ
Hype for HyperThreading
Hey kids, leave them iPhones alone
The Mac lady sings
Babel in yo ear