funsec mailing list archives

Previous By Date Next
Previous By Thread Next

"Storm Worm Botnet Partitions May Be Up For Sale" (slashdot)

From: Paul Vixie <paul () vix com>
Date: Mon, 22 Oct 2007 15:49:29 +0000
"There is evidence that the massive Storm Worm botnet is being broken up into
smaller networks, and a ZDNet post thinks that's a surefire sign that the CPU
power is up for sale to spammers and denial-of-service attackers. The latest
variants of Storm are now using a 40-byte key to encrypt their Overnet/eDonkey
peer-to-peer traffic, meaning that each node will only be able to communicate
with nodes that use the same key. This effectively allows the Storm author to
segment the Storm botnet into smaller networks. This could be a precursor to
selling Storm to other spammers, as an end-to-end spam botnet system, complete
with fast-flux DNS and hosting capabilities."

http://it.slashdot.org/article.pl?sid=07/10/16/155209
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: