funsec mailing list archives
Re: 2007 Year-End Growth of More Than 200% for The Storm Botnet
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Fri, 4 Jan 2008 08:54:12 -0500
On Jan 3, 2008 5:57 PM, Paul Ferguson <fergdawg () netzero net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thorsten Holz writes on the Honeyblog: [snip] As you can see, the first days before Christmas the size of the botnet was around 5-14 thousand infected machines. However, just around Christmas the size grows again due to successful infections and new victims which fell for the social engineering mails. For now, the botnet has peaked at about 40 thousand infected machines being online at a time. Moreover, the picture also shows a clear diurnal pattern: many infected host are located in the US and these machines are turned off during the night, leading to fewer online machines within the botnet.
Also, over the Winter Break, College students will turn off their computer for 10 or so days, starting at just before X-Mas and leading up to just after NYE..
[snip] More here: http://honeyblog.org/archives/156-Measuring-the-Success-Rate-of-Storm-Worm. html Storm really is the Energizer Bunny of botnets. ;-)
Well at least you can track Storm. If the infections are Nugache, you would have to wait a few months in hope of everyone checking in order to attempt to get an accurate number, which you still wouldn't get.. -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 2007 Year-End Growth of More Than 200% for The Storm Botnet Paul Ferguson (Jan 03)
- Re: 2007 Year-End Growth of More Than 200% for The Storm Botnet Dude VanWinkle (Jan 04)