Storm Worm Dancing Past PC Defenses
By Online Security Authority on Feb 3, 2007 in Home PC Security, Online Security Authority, Privacy, Thoughts on Security, Website Security
David Utterm, Staff Writer 2007-02-01
Short lifetimes for the Storm worms, combined with a multitude of variants, are part of the reason why fighting them has become difficult for security companies.
The Storm has been spreading over the Internet for weeks now. Emails hit inboxes with plausible Subject lines and innocent-looking attachments. The next thing that happens to an unwary user is a system infection, launched by the file attached to those spam messages.
Security firm CommTouch said in its Malware Trends Outlook Report that four reasons have contributed to the continued spread of Storm:
• High Distribution Intensity: Storm-Worm attacks repeatedly in intense, high-volume waves. This substantial quantity ensures a wide distribution of the malware across the Internet.
• Vast Variant Quantity: Storm distributes a vast number of malware variants, over 7000 distinct variants on several days of the outbreak, and over 40,000 altogether during the report period. Since each variant or group of variants requires a different signature, it is impossible for anti-virus engines to keep up with this rapid-fire pace.
• Brief Variant Lifetime: The fleeting lifetime of each variant is two to three hours on average, and each variant rarely makes a second appearance during the outbreak. Since it takes several hours to develop a new signature or heuristic, and up to several days to distribute to end-users, these short-lived variants are typically out of distribution by the time traditional anti-virus defenses are available.
• Low Variant Volume: Each variant is distributed in relatively small quantities or instances. Since an AV vendor must be aware of a malware sample in order to analyze it in its laboratory, distribution in low numbers often enables the malware to “fly below the radar” of the traditional anti-virus engines.
With the RSA Conference coming up, we chatted with Marc Maiffret, CTO and chief hacking officer at eEye, about these topics. It’s a condition of being online that has to be addressed, and he believes that the newest edition of his company’s Blink will be suited to handle this.
OSA Editorial Comments:
This goes back to my main issue, that we are not punishing Cyber Criminals and until we start to say: “enough is enough” or scream out from the rooftops that “We’re not going to Take IT Anymore!!”
We as an Internet family have to band together and force politicians, the Federal Government, and International leaders to make changes in how we treat Cyber Criminals.
If we don’t start NOW! Then nothing is ever going to change and it’s only going to get worse, with each new threat our personal security becomes something we can’t protect anymore and then we truly are all Victims!
Your Online Security Authority
Bill Wardell





