Printed from www.pcpro.co.uk
Storm worm thunders into February malware chart
Posted on 1 Mar 2007 at 12:48
The deluge from the Storm worm places it at the top of the malware charts in February, according to findings from security appliance vendor Fortinet.
The worm, also known as Tibs, accounted for 3.91 per cent of all malware detected in the month. Only phishing emails were more prevalent than the worm.
According to Guillaume Lovet, threat response team leader at Fortinet, no less than 36 different variants of the Storm Worm were seen active this month.
'The overwhelming presence of the Storm worm is not without consequence, as it is being leveraged to generate and relay massive amounts of spam,' said Lovet.
'However, the battle against spam is not lost. A purely factual analysis of the situation tends to prove that in the final race to arms against content analysis filters, spammers are losing ground.'
The company found that on 8 February, one variant of the Storm worm accounted 60 per cent of all Tibs-related detections.
Lovet said that one very observable consequence of the worm was an increase in the volume of spam emails occurring since the end of 2006.
The Storm worm, alongside another worm named 'Stration', were purely meant to create large-sized botnets, more or less centralised. Stration's net consists in syndicated smaller traditional IRC botnets while Tibs implements a peer-to-peer botnet.
'Reducing the number of infected machines would effectively tackle the spam problem, at least, in the proportions it has taken today,' said Lovet. 'The problem is the number of infected machines, on the contrary, is growing everyday. The reasons for that are multi-fold, but the consequence is that we are left trying to cope with massive amounts of spam.'
Lovet added that content analysis is not the only means to block spam.
'Analysing the envelope rather than the content of the letters is a strategy frequently implemented in anti-spam filtering systems,' he said. 'For instance, it may consist in comparing the incoming IP address to real time block lists or reputation systems.'
He said that although such approaches are often purely reactive - leaving windows of opportunity opened for rogue IP addresses to send out spam - it could also help reduce the amount of bulk mails reaching end-users' boxes.
Author: Rene Millman
advertisement
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Avira Premium Security Suite 9
- ZoneAlarm Internet Security Suite
- Webroot Internet Security Essentials
- Trend Micro Internet Security
- PC Tools Internet Security 2009
- Panda Internet Security 2009
- Norton Internet Security 2009
- Kaspersky Internet Security 2009
- F-Secure Internet Security 2009
- Eset Smart Security
- BitDefender Total Security 2009
advertisement
