Storm Worm is not a new name in the cyber-security industry. This decade-old malware gained notoriety in 2007 for infecting millions of computer systems across the globe. Storm Worm is highly destructive and has the potential to infect powerful supercomputers as well.
What Is a Storm Worm?
In technical terms, Storm Worm is not a worm but a Trojan horse that masquerades as a legitimate program. The malware has the capacity to infect various operating systems and injects wincom32.sys into the device service driver. It also opens several UDP ports on your computer to establish contact with a P2P network and private connections.
Once contact is established, Storm Worm downloads various files to your device and later uses them for stealing email addresses, spreading the virus, installing backdoors, and launching denial-of-service attacks.
Throughout this process, the attackers' aim is to make the computer part of a large botnet. An important point to note is that Storm Worm does not rely on a centralized server for command and control; instead, it receives command and control over the individual P2P connections it creates.
This entire process makes detection highly difficult.
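The decentralized UDP peer traffic described above can still be surfaced from network flow logs by looking for hosts that talk to many unrelated peers with no dominant server. The following is an added example, not code from the original article; the flow records, addresses, port cutoff and thresholds are all constructed assumptions.

```python
from collections import Counter, defaultdict

MIN_PEERS = 10        # assumed threshold: distinct UDP peers per host
MAX_TOP_SHARE = 0.30  # assumed threshold: share of flows to the busiest peer

def build_sample_flows():
    """Constructed flow records: (src_host, proto, remote_ip, remote_port)."""
    flows = []
    # Ordinary workstation: DNS and NTP to fixed servers, plus web over TCP.
    flows += [("10.0.0.5", "udp", "192.0.2.53", 53)] * 40
    flows += [("10.0.0.5", "udp", "192.0.2.123", 123)] * 5
    flows += [("10.0.0.5", "tcp", f"198.51.100.{i}", 443) for i in range(1, 30)]
    # Video call: many UDP flows on high ports, but all to one media relay.
    flows += [("10.0.0.7", "udp", "203.0.113.10", 40000 + i) for i in range(50)]
    # P2P-like host: a few flows each to many unrelated peers on high ports.
    flows += [("10.0.0.9", "udp", f"203.0.113.{100 + i}", 20000 + 7 * i)
              for i in range(25) for _ in range(2)]
    return flows

def udp_peer_profile(flows):
    """Per host: Counter of remote peers reached over UDP on ports >= 1024.

    Ports below 1024 are skipped (assumption) so DNS/NTP do not add noise.
    """
    peers = defaultdict(Counter)
    for src, proto, remote_ip, remote_port in flows:
        if proto == "udp" and remote_port >= 1024:
            peers[src][remote_ip] += 1
    return peers

def flag_p2p_like_hosts(flows, min_peers=MIN_PEERS, max_top_share=MAX_TOP_SHARE):
    """Return {host: (distinct_peers, top_peer_share)} for suspicious hosts."""
    flagged = {}
    for host, counter in udp_peer_profile(flows).items():
        total = sum(counter.values())
        top_share = counter.most_common(1)[0][1] / total
        # Many peers AND no single peer dominating: no central server.
        if len(counter) >= min_peers and top_share <= max_top_share:
            flagged[host] = (len(counter), round(top_share, 2))
    return flagged

if __name__ == "__main__":
    for host, (n, share) in flag_p2p_like_hosts(build_sample_flows()).items():
        print(f"{host}: {n} UDP peers, busiest peer has {share:.0%} of flows")
```

A flagged host is only a lead for investigation, since legitimate P2P software produces the same pattern.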
Spreading Techniques of Storm Worm
- Spam emails containing EXE file attachments. These emails are carefully crafted using various social engineering techniques and contain infected attachments and web links. Their subject lines are designed to provoke curiosity or fear in the user. A single click on the email attachment can download this malware onto your device.
- In addition, Storm Worm uses multiple third-party websites to spread its payload.
Prevention and Protection Tips
Here are some of the tips that will help you stay protected.
- Never click on email attachments or links whose source you are not sure of. These emails masquerade as legitimate messages but carry malware.
- Never click on third-party ads and pop-up banners.
- Avoid visiting third-party sites. These are usually infected with harmful viruses and can result in a compromised PC.
- Use a powerful antivirus program that can scan your device for PC threats and get rid of them accurately.
- Keep your device up-to-date to patch it against security bugs and system vulnerabilities.