Storm Worm

The Storm Worm (dubbed so by the Finnish company F-Secure) is a phishing backdoor[1][2] Trojan horse that affects computers using Microsoft operating systems,[3][4][5] discovered on January 17, 2007.

These emails contain links to websites hosting some of the following files, which are confirmed to contain the virus: According to Joe Stewart, director of malware research for SecureWorks, Storm remains amazingly resilient, in part because the Trojan horse it uses to infect systems changes its packing code every 10 minutes, and, once installed, the bot uses fast flux to change the IP addresses for its command and control servers.

[citation needed] The list of antivirus companies that can detect the Storm Worm include Authentium, BitDefender, ClamAV, eSafe, Eset, F-Prot, F-Secure, Kaspersky, McAfee, Sophos, Symantec, Trend Micro, avast!

An intrusion detection system offers some protection from the rootkit, as it may warn that the Windows process "services.exe" is trying to access the Internet using ports 4000 or 7871.

Although Dr. Gutmann makes a hardware resource comparison between the Storm botnet and distributed memory and distributed shared memory high performance computers at TOP500, exact performance matches were not his intention—rather a more general appreciation of the botnet's size compared to other massive computing resources.

However, this is being disputed by security researcher Bruce Schneier,[19] who notes that the network is being partitioned in order to sell the parts off independently.