It began spreading at the beginning of the year, connecting more and more infected PCs into a ‘botnet’. And if your PC is compromised in this way then, while you may still own the machine, someone else controls it. And it can be used to a whole lot of purposes, such as spam sending, participating in denial-of-service attacks on banks, e-commerce or government websites, or for other even more sinister purposes. Of course, it affects only the machines running Windows, but that means 90 per cent of the world’s computers are vulnerable. Nobody can say how big the Storm ant colony is at the moment, but security professionals cite estimates of between 1 to 50 millions PCs worldwide. Oh, you don’t mind me saying “ant colony”, do you? Because it’s exactly how it works – it separates the duties and uses just the small fraction of hosts to spread the worm, and even smaller fraction is used as command-and-control servers, while the rest stand by to receive orders. The problem is that it spreads quietly, without drawing any attention to itself. Also, it changes form: it began as PDF spam, then transformed into e-cards and YouTube invites. Later on, it started posting blog and forum comment spam, once again trying to trick readers into clicking infected links. The spam email changes all the time as well. It comes up with new, topical subject lines and text.
If Storm were a disease, it would definitely be syphilis, whose symptoms may be mild or disappear altogether, but it will comeback years later and eat your brain. And while Storm’s quietly building its doomsday machine, nobody has any idea who’s behind it.
Comment on Storm is coming – nobody seems to notice