funsec mailing list archives
"Storm Worm Botnet Partitions May Be Up For Sale" (slashdot)
From: Paul Vixie <paul () vix com>
Date: Mon, 22 Oct 2007 15:49:29 +0000
"There is evidence that the massive Storm Worm botnet is being broken up into smaller networks, and a ZDNet post thinks that's a surefire sign that the CPU power is up for sale to spammers and denial-of-service attackers. The latest variants of Storm are now using a 40-byte key to encrypt their Overnet/eDonkey peer-to-peer traffic, meaning that each node will only be able to communicate with nodes that use the same key. This effectively allows the Storm author to segment the Storm botnet into smaller networks. This could be a precursor to selling Storm to other spammers, as an end-to-end spam botnet system, complete with fast-flux DNS and hosting capabilities." http://it.slashdot.org/article.pl?sid=07/10/16/155209 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- "Storm Worm Botnet Partitions May Be Up For Sale" (slashdot) Paul Vixie (Oct 22)
- Re: "Storm Worm Botnet Partitions May Be Up For Sale" (slashdot) Dude VanWinkle (Oct 22)