As storm was gathering in Europe another storm was picking up its pace on net. In the first biggest attack of the virus the Trojan horse ‘Storm Worm’ by antivirus vendor F-secure left many PC’s infected and the true scale of devastation that it caused is yet to be gauged.
As the most business scan there mails for executable files so they might have been saved but according to reports the home PC’s will be the worst hit segment.
Net users were lured into the trap as the e-mail that arrived offered latest news on weather, Chinese missile test and Fidel Castro’s death. Upon downloading the executable portion got executed and the Virus started building its own network and that zombie PC then becomes a botnet as it will open the security door and then can be remotely controlled and the rootkit ensures that the program stays hidden.
Generally all these botnets are controlled by a single server but in this case it worked like a peer to peer network with no central control there by making it hard to detect and destroy.
Each of the infected machines will combine with list of subsets of the botnet network and none of the hosts has full list of the other infected hosts. Director of the Anti-virus research Mikko Hypponen said that when the virus was first unleashed it was undetectable and
“The bad guys are putting a lot of effort into it–they were putting out updates hour after hour.”
According to mail service vendor MessageLabs this was a very aggressive campaign and said that it must be the handy work of first timers who wanted to make a name for themselves.
Senior technology consultant for Sophos (another Anti-virus vendor) Graham Cluley says that they think more such attacks are on the way and this botnet will be hired for spamming, adware circulation or will be handed over to extortionists to distribute Denial-of-service attacks.
Via: Newscom
