Has Storm stopped sending spam?

Researchers find that spam output produced by the once prolific botnet has dwindled to almost nothing in the last month.

The daily volume of spam produced by the Storm botnet during 2008. Marshall

The creators of the Storm botnet have either ceased sending out spam or have moved on to a newer botnet, security researchers have concluded.

Marshal, a security vendor that specializes in spam protection, on Tuesday noted a marked downturn in the amount of spam attributed to hosts infected with Storm within the last month. For the last few weeks other researchers have also noticed the sharp decline.

"We don't know what happened here, if somebody put the kibosh on them or not," said Jose Nazario, a security researcher for Arbor Networks. "In terms of the number of hosts out there, there are still a lot of hosts--they're just sort of quiet."

Storm started and got its name from an infected e-mail promising information about a large winter storm in Europe in early 2007.

At its peak, in mid-2007, Storm accounted for up to 20 percent of all spam sent. Then, in September 2007, Microsoft included a removal signature in its Malicious Software Removal Tool. Security experts say that update alone removed up to a quarter million infected hosts and greatly diminished Storm's ability to produce large spam campaigns despite a few attempts earlier this year.

Tags:
Security
About the author

    As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.

     

    ARTICLE DISCUSSION

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    Hot on CNET

    CNET's giving away a 3D printer

    Enter for a chance to win* the MakerBot Replicator 3D Printer and all the supplies you need to get started.