Storm worm: all teeth, no shell?

bascule

omgpwnies!

Join Date: Jul 2003

Posts: 1946
- Share
- Tweet
#1

Storm worm: all teeth, no shell?

January 11, 2009, 11:32

Researchers disassembling the client of the Storm worm discovered that the peer-to-peer protocol it uses for controlling zombies is in no way authenticated. Anyone can set up a control server and route zombies to it.

The researchers considered setting up a control server which would instruct the zombies to remove the Storm worm from themselves, but were too worried about the legal/ethical implications.

45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
[ redacted ]
Tags: None
frank^2

the doppleganger

Join Date: Jan 2009

Posts: 4
- Share
- Tweet
#2

January 11, 2009, 16:04

Re: Storm worm: all teeth, no shell?

Interesting. I remember a talk at Toorcon in '07 by a researcher from UCSD discussing how he was making attempts to traverse the vast Stormworm network, only to have the entire network DDoS the school's connection. Looks like he was wrong in saying that the attack was automated.
Comment

Announcement