Website tracks progress of Storm virus

Storm has morphed into a botnet capable of various tasks, such as spamming and carrying out phishing attacks, says Secure Computing

Shortly after its first anniversary, the Storm worm botnet is believed to be in control of hundreds of thousands of computers around the world.

Secure Computing, a vendor of gateway security products, is tracking the progress of the botnet and has given it a graphic profile on a website called StormTracker.

The website, on Secure Computing’s research portal, displays real-time information compiled through sensors in over 70 countries, says Eric Krieger, Secure Computing’s Australia-New Zealand country manager.

Storm has morphed into a botnet capable of various tasks, such as sending spam, establishing malicious web pages or carrying out phishing attacks, according to Secure Computing.

The company believes that the Storm botnet is operated by individuals in Russia, based on the firm’s analysis and registration of domain names, he says.

StormTracker shows information about the daily growth of Storm infections, the registration and use of new attack domains and geographic distribution of the web proxies used by the Storm to host its malware binaries, says Krieger.

He says there are about 5,500 Storm attacks daily. More than 56% of machines in the botnet are in US, Russia or South Korea.

StormTracker is part of Secure Computing’s TrustedSource, a reputation-based technology, which looks at the reputation of the IP address before it is let through the gateway.

The IP address is sent to servers — in one of five locations in the world — where it is checked, tested and given a credit score, says Krieger. A message is then sent back to the gateway with the information, leaving the user to decide what further action to take.

The servers store up to 12 billion IP addresses, he says.

Secure Computing has been considering opening an office in Auckland for the last two years. Krieger is in the process of appointing a channel account manager, who will be based in New Zealand, and that appointment will be the first step, he says.

Up until now, the company has managed the New Zealand market from Brisbane, where it employs 35 engineers. In the last 10 years, New Zealand revenue has grown from 4% to 13% of total Australasian revenue, he says.

— Additional reporting by Ellen Messmer, Computerworld UK.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags secure computingstormSecurity ID

Show Comments