Ethic Solutions Free Webmaster Tools
     

Warning: ini_set() [function.ini-set]: A session is active. You cannot change the session module's ini settings at this time. in /home/hostingp/public_html/session.php on line 3

Warning: ini_set() [function.ini-set]: A session is active. You cannot change the session module's ini settings at this time. in /home/hostingp/public_html/session.php on line 5
Web Hosting Providers list / Directory
What's New | Popular | Top Rated | Search | Hosting Discussion

Web Hosting Providers List / Directory, the complete web Hosting Resource

Search :  

Add Link |   Modify Link   |   Login |     Register  |  Getting Rated  |  Link to Us  |  Feedback Us  |  Web Hosting News




Script Resource Directory
Web Directory
Software Product Development
phpLD Hacks
PSP Directory


Categories
ASP.NET Hosting
Budget Hosting
Co-located Hosting
ColdFusion Hosting
Dedicated Hosting
E-Commerce Hosting
FrontPage Hosting
Linux Hosting
Managed Hosting
Reseller Hosting
Virtual Hosting
Windows_Hosting
 

 
  Home : News : Tracking the Storm Worm  Back  
Tracking the Storm Worm
   6-18-2008  

What is the current state of Storm Worm activity, how many infected IPs are found to host the malware on a daily basis, which are the latest domains used by the Storm Worm, and which countries have the largest infected population?

Advertisement

You can easily find that out, if you keep an eye on TrustedSource’s Storm Tracker, a handy tool providing both, researchers and end users with a real-time overview of the current Storm Worm activity, of course, based on a single vendor’s sensor network as a sample of malicious activity. What are you some of the categories monitored by the service?
TrustedSource’s Storm Tracker monitors the following categories :
  • Daily New Web Proxy IPs
  • Most Active Storm Web Proxy IPs
  • Top Storm Domains
  • Newly Activated Storm Web Proxy IPs
  • Recently Seen Storm Web Proxy IPs
  • Geolocation of Storm Web Proxy IPs
After taking credit for the pioneering of P2P botnet command and control, next to the rest of commonly used botnet communication platforms, as well as the fast-fluxed botnet structure in order to create a dynamic and harder to shut down botnet, Storm Worm is currently in the orienting process if we’re to consider the OODA loop. What does this mean?
It means that, for instance, once observing the success rate of the recent SQL injection attacks, the botnet masters decided to enjoy all the noise generated by the copycats, reintroduce the same tactic that they were using in August, 2007, and started injecting their exploit serving domains into vulnerable sites hoping they would go unnoticed in between the rest of the currently active SQL injection campaigns.
Considering Storm Worm’s historical pattern of utilizing event-based social-engineering campaigns, and periods of passive behaviour, once the botnet masters orient and decide, they’ll act again for sure. It’s always calm before the real storm, especially in times when multiple storms are fighting for market share, isn’t it?
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and E-crime incident response. Dancho is also involved in business development, marketing research and competitive intelligence as an independent contractor. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis
.
Source: www.webhostdir.com
  
Home | Feedback | Advertise with us
Best viewed in 800x600 resolution with Internet Explorer.
Site Developed and Hosted by EthicSolutions.com

Free Tutorials    Web Hosting    Flash Game Source    TemplateAdvisor.com    WebMasters Discussion

Free Web Hosting  Cheap Web Hosting    Web Hosting Reviews      Webhosting provider