Friday, October 17, 2008

Atrivo Shutdown Hastened Demise of Storm Worm

Brian Krebs writes on Security Fix:

The infamous Storm worm, which powered a network of thousands of compromised PCs once responsible for sending more than 20 percent of all spam, appears to have died off. Security experts say Storm's death knell was sounded by the recent shutdown of Atrivo, a California based ISP that was home to a number of criminal cyber crime operations, including at least three of the master servers used to control the Storm network.

The Storm network consisted of a complex hierarchy of servers designed to balance the load of sending spam and and to hide the location of the master servers that the Storm worm authors used to operate the network.

Three out of four of those control servers were located at Atrivo, a.k.a. Intercage, said Joe Stewart, a senior security researcher with Atlanta based SecureWorks who helped unlock the secrets of the complex Storm network. The fourth server, he said, operated out of, an Internet provider based in the Ukraine.

More here.


Post a Comment

<< Home