Security news site DarkReading said that the hackers behind Mayday use peer-to-peer connections to deliver instructions to infected machines.
Mayday spreads itself through PDF attachments in emails, and has the ability to evade many antivirus products. The worm has reportedly amassed thousands of infections, almost entirely in the US and Canada.
DarkReading cited security firm Damballa, which suggests that Mayday could amass a larger and more powerful botnet than Storm.
Some security vendors, however, are taking a wait-and-see approach before handing Storm's botnet crown to Mayday.
Symantec researcher Brian Ewell wrote in a company blog that he has only seen limited incidences of Mayday, or Daymay as Symantec refers to it.
"It is yet to be seen how successful the Trojan will be in terms of expanding its presence," wrote Ewell.
"Of course, it is always best to practise safe computing and that includes being wary of unsolicited email attachments."
.jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
Melbourne Cloud & Datacenter Convention 2026
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
