The “Storm Worm,” a strain of malicious software once responsible for blasting out 20 percent of spam sent worldwide before it died an ignominious death roughly 18 months ago, was resurrected this week. Researchers familiar with former strains of the worm say telltale fingerprints in the new version strongly suggest that it was either rebuilt by its original creators or was sold to another criminal malware gang.
The Storm Worm first surfaced in January 2007, disguising itself as videos supposedly depicting the carnage wrought by unusually violent storms that swept through Europe at the time. But as security researchers began delving into the code
that powered the worm, they quickly realized they were up against an adversary that was significantly more sophisticated and resilient than any other threat in recent memory.
Storm spread by forcing infected systems to communicate via the same peer-to-peer file sharing systems used by millions of people to share movies and music online. These highly decentralized networks were thought to be appealing to the malware authors because they lacked a single command and control center, a critical piece of infrastructure common to most such large, remotely controlled collections of hacked PCs that were routinely targeted for dismantlement by security researchers.