The Honeynet Project blog is carrying an article about a new botnet that appears to be a revival of the Storm Worm network that died out in 2007 — once one of the biggest on the Internet.
They said Steven Adair from Shadowserver found that the new botware uses the same configuration file (C:WINDOWSherjek.config) as Storm. The new version, however uses an HTTP-based command-and-control channel instead of peer-to-peer.
This is good news if you enjoyed the penis pill, dating service and on-line pharmacy spam that Storm was pumping out three years ago.
Honeynet project blog here.
The Register story “Infamous Storm botnet rises from the grave” here.
Tom Kelchner