Storm Botnet Back Again

The Storm botnet is set to rise again, according to security experts McAfee.

Toralv Dirro posted a blog on McAfee Labs claiming the rumours about the botnet returning were true and it is being rebuilt to resemble the old school functionalities of previous Trojans.

Dirro claimed that its infamy initially led to its demise but this resurrected version made it become "just another botnet" similar to the hoards there are today sending out spam.

Researchers from Germany claimed two thirds of the new Storm was copy and pasted from the old code but one more individual aspect had been removed.

"What is missing is the original peer-to-peer (P2P) functionality, possibly in response to a tool these researchers developed that could bring down Storm," wrote Dirro.

"Cutting away the P2P functionality focuses the new Storm variants to HTTP communication with their command server."

However, Dirro still warns the botnet is something to keep a close eye on.

"The group running Storm has proven to be very resourceful in the past," he wrote, "and while it's not clear if it is the same group, or another group reusing their code, we will certainly monitor this threat carefully."

print this article

Return to security news headlines
View Security News Archive

Share with: