Storm worm facing extinction
By Stuart Turton
Posted on 13 Jan 2009 at 10:09
German researchers claim to have developed a new technique that could eradicate the scourge of the Storm worm.
The Storm worm first appeared two years ago, posing as information on the storms battering Europe at the time, before adopting other guises rooted in topical news items. It quickly compromised millions of machines, turning them into zombie drones that formed part of a massive botnet used by hackers to send spam and perform other illegal activities.
Microsoft made a decent stab of eradicating the Storm worm with the release of its Malicious Software Removal Tool, but according to researchers 100,000 infected machines still exist.
Enter the team from Bonn University and RWTH Aachen University, who claim to have found a way to automatically purge these dregs from the internet.
The team started by taking apart the Storm worm client in order to understand how compromised machines communicated with control servers. They then developed their own software, capable of attaching itself to the Storm worm's peer-to-peer network and mimicking the appearance of a control server.
The team found that zombie machines hunting out new command servers could easily be routed through to their own control server, as Storm worm demands no authentication.
Once attached to the dummy server, the team says it's a simple matter to instruct the compromised machine to download clean up software, purging the Storm worm completely.
However, the team admits it has not yet tested the technique in the real world as it could place it on the wrong side of laws that prevent the modification of computer systems without the owner's consent.
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Google Now draining iPhone battery
- The government website that doesn't work with IE, Chrome, Firefox, Safari, Macs or smartphones
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software