Well just learned this today you wont find this in everyday news, the storm botnet --> is a botnet, a group of "zombie" computers controlled remotely."The botnet reportedly is powerful enough as of September 2007 to force entire countries off the Internet, and is estimated to be able to potentially execute more instructions per second than some of the world's top supercomputers."[1]
So basically it almost brought the whole U.S. internet to the halt like 2 weeks ago or so, right now its function at 7% sending spam and malware and the code is so well executed and hard to decipher the code. The people are blaming Russian Business Network (RBN) but the RBN is say that they did not do it.
just a small article here about it you can find other on the netz
Some more history on the storm botnet for those of you who are interested (Read it so you get an better idea about the story).
The Storm Botnet is a distributed computer network consisting of computers remotely controlled without their owner's knowledge. Computers in the Storm Botnet are home and small office machines running the Microsoft Windows operating system which have been infected by the Storm worm. Storm got it's name as the worm was first spread though spam email with the subject "230 dead as storm batters Europe." Today, the Storm Botnet is considered to be the largest botnet in the world, with as many as 5 million computers under it's control. Efforts to combat Storm have been met with targeted resistance, suggesting that artificial intelligence and automated adaptive defense techniques are being utilized.
The Storm worm, termed Nuwar by Microsoft but popularly referred to as Storm, was first identified in January 2007. Within one week of it's discovery, the worm had successfully infected over one million personal computers. This success is credited to the ambiguous yet catchy email subject lines in propagation emails, which like the original "storm" subject often referred to current news events. When these email messages are opened in an insecure email client such as Outlook or Outlook Express, an executable attachment downloads and installs several malware packages to the host computer. Usually, in addition to a trojan and a worm update, a rootkit is installed on the host computer, thereby masking any evidence of infection.
In fact, the Storm rootkit had been proven to disable any anti-virus programs running on the computer while leaving it's executable file running. The updated worm then mutates slightly, harvests email addresses in the email client and browser cache, and sends itself to those addresses. Unlike other worms which have a master computer hard-coded into their code, the mutated Storm worm contains only a list of other Storm-infected machines with which it can communicate, but not the address of the botnet master. Communication between each Storm node and the master is performed in a P2P fashion, with each machine functioning as both a slave and as a messenger between nodes.
Once a computer is infected with the Storm worm, it becomes part of the Storm Botnet. With 250,000 nodes active at any particular time, the Storm Botnet is estimated to range between 2 million and 5 million computers total. This provides the network with more RAM, disk space, and computing power than many of the world's most powerful supercomputers. However, Storm's strength is not in it's shear computing resources but rather in it's distributed nature, as the computers consisting of the botnet have more available bandwidth than most countries have in their entirety.
References [1] Spiess, Kevin. "Worm 'Storm' gathers strength", Neo Seeker, September 7, 2007.
So basically it almost brought the whole U.S. internet to the halt like 2 weeks ago or so, right now its function at 7% sending spam and malware and the code is so well executed and hard to decipher the code. The people are blaming Russian Business Network (RBN) but the RBN is say that they did not do it.
just a small article here about it you can find other on the netz
Some more history on the storm botnet for those of you who are interested (Read it so you get an better idea about the story).
The Storm Botnet is a distributed computer network consisting of computers remotely controlled without their owner's knowledge. Computers in the Storm Botnet are home and small office machines running the Microsoft Windows operating system which have been infected by the Storm worm. Storm got it's name as the worm was first spread though spam email with the subject "230 dead as storm batters Europe." Today, the Storm Botnet is considered to be the largest botnet in the world, with as many as 5 million computers under it's control. Efforts to combat Storm have been met with targeted resistance, suggesting that artificial intelligence and automated adaptive defense techniques are being utilized.
The Storm worm, termed Nuwar by Microsoft but popularly referred to as Storm, was first identified in January 2007. Within one week of it's discovery, the worm had successfully infected over one million personal computers. This success is credited to the ambiguous yet catchy email subject lines in propagation emails, which like the original "storm" subject often referred to current news events. When these email messages are opened in an insecure email client such as Outlook or Outlook Express, an executable attachment downloads and installs several malware packages to the host computer. Usually, in addition to a trojan and a worm update, a rootkit is installed on the host computer, thereby masking any evidence of infection.
In fact, the Storm rootkit had been proven to disable any anti-virus programs running on the computer while leaving it's executable file running. The updated worm then mutates slightly, harvests email addresses in the email client and browser cache, and sends itself to those addresses. Unlike other worms which have a master computer hard-coded into their code, the mutated Storm worm contains only a list of other Storm-infected machines with which it can communicate, but not the address of the botnet master. Communication between each Storm node and the master is performed in a P2P fashion, with each machine functioning as both a slave and as a messenger between nodes.
Once a computer is infected with the Storm worm, it becomes part of the Storm Botnet. With 250,000 nodes active at any particular time, the Storm Botnet is estimated to range between 2 million and 5 million computers total. This provides the network with more RAM, disk space, and computing power than many of the world's most powerful supercomputers. However, Storm's strength is not in it's shear computing resources but rather in it's distributed nature, as the computers consisting of the botnet have more available bandwidth than most countries have in their entirety.
References [1] Spiess, Kevin. "Worm 'Storm' gathers strength", Neo Seeker, September 7, 2007.
Last edited by blademaster (2008-01-28 11:59:46)
