Storm worm evolution continues

Summary:The Storm worm is now more streamline and stable after malware authors ditched some key functions from the malicious code, according to researchers from Symantec.

The Storm worm is now more streamline and stable after malware authors ditched some key functions from the malicious code, according to researchers from Symantec.

The worm no longer infects other legitimate drivers on the system, instead relying on its own proprietary components to "do its dirty work". It also no longer injects itself into processes such as Explorer.exe, according to a blog post by Symantec security researcher Thomas Parsons.

"The sustained development of the Storm worm (incorporating review cycles) indicates that we will continue to see solid infection rates going forward," wrote Parsons. "So, unlike the natural phenomenon, this storm continues to huff and puff and it doesn't look like it is petering out anytime soon."

The Storm botnet was initially created at the beginning of 2007, when the Storm worm was sent out via spam, hiding in e-mail attachments with a subject line of "230 dead as storm batters Europe".

Topics: Symantec, Malware, Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.