Storm botnet connected to phishing ring

By

An investigation has uncovered a link between a recent phishing operation and the infamous Storm worm..

Storm botnet connected to phishing ring
Security experts believe that the botnet of infected PCs is now being leased out by its operator to other criminal groups.

Researchers at security firm F-Secure uncovered the connection while investigating a group of phishing sites posing as UK bank Halifax.

The company found that the hosting of the phishing domain was being passed around among a number of IP addresses.

When researchers cross-checked the addresses with other domains, they found domains as 'hellosanta2008.com' and 'postcards2008.com' which had been linked to fraudulent greeting cards used to spread the Storm worm over the holiday season.

The findings suggest that the operators of the Storm botnet are now allowing the network of infected machines to be accessed by other groups for various criminal activities.

"We have not seen this before. But we have been expecting something along these lines," said F-Secure chief research officer Mikko Hyppönen in a blog posting.

F-Secure is among many security firms to warn that Storm could become a commercial entity in 2008.

Researchers fear that Storm's computing power could be rented out for various criminal activities.

Storm first appeared in early 2007, circulating malware disguised as film of flooding in Europe. Since then, the controllers have used everything from spam runs to fake greeting cards to snare victims.

Experts warn that the tactics used to build and operate Storm could become a model for future botnets.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
botnetconnectedphishingringsecuritystormto

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?