New version of Storm Worm malware appears

According to a PCWorld.com report, a new variation of the Storm Worm botnet recently appeared.

The Shadowserver Foundation, which tracks botnets, found a small sample of the new version of the virus earlier in April. The Honeypot Project, which specializes in internet threats, analyzed the worm through reverse-engineering and discovered it to be based on older code with slight variations that could prove tricky, but not as tough as its predecessor’s, to take down.

The virus eliminated its peer-to-peer system, which was how the original botnet spread so quickly. Through that system, computers simply passed the virus to each other without a decentralized point of origin. The new version spreads through internet traffic, but has been receiving instructions from a single internet protocol address in the Netherlands. As a result, experts believe the virus will be easier to stop.

“[It] doesn’t seem as resilient as the older version,” Steven Adair, a security expert at the ShadowServer Foundation, said to PCWorld.

The number of potentially affected computers is unknown at this point. The worm has been attempting to attack computers by sending out spam messages regarding pharmaceutical, adult dating and celebrity-related topics, which link to websites. The linked websites, when visited, then attack that computer by looking for weaknesses in its software to plant malware.

The original Storm Worm virus affected between 10,000 and 20,000 computers, DarkReading.com reports.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s