Defense in Depth Subscribe to Defense in Depth

May 1, 2008 1:44 PM PDT

Goodbye Storm, Hello Srizbi

Posted by Robert Vamosi

On Thursday, MessageLabs reported in its April Intelligence Report a marked decrease in the number of malware links connected to the Storm botnet. "It's not too often that a security company says that things are getting better," said Mark Sunner, Chief Security Analyst.

At its peak, Sunner said, the Storm botnet resided upon one million computers worldwide. That number has since come down to between 85,000 IP addresses at the end of April. He said that over the last eighteen months Storm has been constant, and never decreased according to MessageLabs research. "Other security companies have reported decreases in the past," he said because of different methods of studying the botnet, "but this is first decrease we've seen."

He credited the most recent patches from Microsoft with the decline. He said that in the weeks following the most recent Patch Tuesday there was a sharp drop off.

Given that the creators of Storm managed and maintained a constant flood of variations for more than one year, it's a little odd that they would just take their money and walk away. Sunner said that they are seeing an increase in Srizbi, named for the one of the Web sites from which is downloaded. A Trojan, Srizbi uses rootkit technology to hide on an infected machine but, like Storm, it is also known to relay spam.

Topics:: Bots and botnets

Tags:: security,; Messagelabs,; Storm,; botnet,; malware,; Srizbi

Bookmark:: Digg; Del.icio.us; Reddit

Recent posts from Defense in Depth: ZoneAlarm virtualizes the desktop Internet browser; Yahoo e-mail accounts compromised for spammers' use; Skeleton key unlocks Microsoft SQL servers in latest Web attack; Web browsers and other mistakes; Goodbye Storm, Hello Srizbi

Powered by Jive Software

Click Here

About Defense in Depth
With over eight years at CNET covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews with the top security researchers making the news as well as offering the hands-on, non-technical advice you'll need to stay safe online.

Subscribe to this blog
Click this link to view this blog as XML.

Add this feed to your online news reader

Defense in Depth topics

Latest blog posts from News.com

Featured blogs

Beyond Binary by Ina Fried A look at how technology is changing our lives and at the people behind all that life-changing stuff.

Coop's Corner by Charles Cooper Charles Cooper weighs in on Silicon Valley hijinks, and he doesn't suffer fools gladly.

Geek Gestalt by Daniel Terdiman At the tech culture nexus of video games, fire art, and virtual worlds.

Green Tech Fresh green tech news and commentary.

One More Thing by Tom Krazit Tom Krazit takes on the tech phenomenon that is Apple, and keeps a close watch on the chip industry.

Outside the Lines by Dan Farber When business and technology meet, that's when things get interesting.

The Iconoclast by Declan McCullagh Exploring the intersection of politics and technology.

The Social by Caroline McCarthy Exploring all facets of social media and tech culture.

Underexposed by Stephen Shankland Coverage of digital photography, science, and open-source software.

Resource center from News.com sponsors

Get More Done with Windows Mobile ®>>

CNET.com

Welcome (log out) |View profile

Log in | Sign up Why join?

On TechRepublic: Top 5 operating systems you never used

Start Doing More with Windows Mobile

Copyright ©2008 CNET Networks, Inc. All rights reserved.
Privacy policy
Terms of use