October 11, 2007
The Worm That Roared (Sept 27, 2007)
(...) The Storm Worm is a marvel of social engineering. Its subject line changes constantly. Whoever produced it--and its many later variants--has a lively feel for the seductive come-on and a thorough grounding in human nature. Nobody knows who's behind the Storm Worm. F-Secure suspects a group based in Russia, but there's no way to be sure, and recent Storm Worm subject lines referring to Labor Day and the start of the football season suggest that those involved have an American connection (...) It's also clear that they've been pulling their punches. Right now the Storm Worm gang controls a massive amount of computing power, as much as some of the world's largest supercomputers, and all they do with it is send out spam and conduct the occasional denial-of-service attack (bombarding a specific server with traffic until it shuts down). We're lucky: so far they haven't gone in for more lucrative, damaging activities like online gambling, stock scams and stealing passwords and credit-card information. Is it possible that even a worm can have a conscience?