According to a PCWorld.com report, a new variation of the Storm Worm botnet recently appeared.
The Shadowserver Foundation, which tracks botnets, found a small sample of the new version of the virus earlier in April. The Honeypot Project, which specializes in internet threats, analyzed the worm through reverse-engineering and discovered it to be based on older code with slight variations that could prove tricky, but not as tough as its predecessor’s, to take down.
The virus eliminated its peer-to-peer system, which was how the original botnet spread so quickly. Through that system, computers simply passed the virus to each other without a decentralized point of origin. The new version spreads through internet traffic, but has been receiving instructions from a single internet protocol address in the Netherlands. As a result, experts believe the virus will be easier to stop.
“[It] doesn’t seem as resilient as the older version,” Steven Adair, a security expert at the ShadowServer Foundation, said to PCWorld.
The number of potentially affected computers is unknown at this point. The worm has been attempting to attack computers by sending out spam messages regarding pharmaceutical, adult dating and celebrity-related topics, which link to websites. The linked websites, when visited, then attack that computer by looking for weaknesses in its software to plant malware.
The original Storm Worm virus affected between 10,000 and 20,000 computers, DarkReading.com reports.