International Telecommunication Union   ITU
Site Map Contact us Print Version
 Monday, 22 October 2007

Brandon Enright, a network security analyst at University of California, San Diego, recently presented his findings at the Toorcon hacker conference in San Diego indicating the steady shrinking of the Storm Worm Botnet. According to Enright, it is now about 10 percent of its former size. Enright has been tracking Storm since July. "He has developed software that crawls through the Storm network and he thinks that he has a pretty accurate estimate of how big Storm really is. Some estimates have put Storm at 50 million computers, a number that would give its controllers access to more processing power than the world's most powerful supercomputer." Enright asserts that the numbers are far less terrifying though saying that in July, Storm appeared to have infected about 1.5 million PCs with 200,000 of which being accessible at any given time. He said that "a total of about 15 million PCs have been infected by Storm in the nine months it has been around, although the vast majority of those have been cleaned up and are no longer part of the Storm network."

According to Enright, the Storm Worm botnet started to dwindle in July when antivirus vendors began stepping up their tracking of Storm variants and got a lot better at identifying and cleaning up infected computers. With Microsoft's added Storm detection (Microsoft's name for Storm's components is Win32/Nuwar) into its Malicious Software Removal tool available with every Windows system, which was released on September 11, Storm infections dropped by another 20 percent overnight. Enright's most recent data counts 20,000 infected PCs available at any one time, out of a total network of about 160,000 computers.

To read the full article, click here.