Over the past few months we have commented a lot on the waves of “Storm” spam and the troublesome botnet behind it. In contrast to the rapidly changing storm attacks in August and early September, since 17 September the Storm has remained fixed on its ‘game download’ theme. And over the last few days Storm activity has dropped away to almost nothing. Why could this be?
One contributing factor is that Microsoft is now targeting the Storm family via its Malicious Software Removal Tool (MSRT). With the MSRT, Microsoft targets specific malware families, updating the tool monthly via its regular software update mechanism. Recently Microsoft decided to target the Storm, and included updates for it in its September 11 MSRT update. The team behind the MSRT reported that September’s MSRT cleaned some 280,000 PCs infected by Storm components.
So Microsoft, it seems, has made an impact on Storm’s operations. Moreover, future versions of MSRT will continue to focus on the storm. According to Microsoft’s Anti-Malware Engineering Team:
“…once we set our sights on a particular malware family, we will continue in that fight. So, we await the next release of MSRT when hopefully, we will take another bite out of crime”.
While we are highly likely to see new variants of Storm and continued activity from this group in the future, continued focus by Microsoft’s MSRT is welcome news indeed.
