By Clive Akass
Personal Computer World
11 Feb 2008
The people behind the Storm worm are making millions of pounds a day by
using it to generate revenue, according to IBMs principal web security
Joshua Corman, of IBM Internet Security Systems, said that in the past
it had been assumed that web security attacks were essential ego driven.
But now attackers fell in three camps.
I call them my three Ps, profit, politics and prestige, he said during a
debate at a NetEvents forum in Barcelona.
The Storm worm, which had been around about a year, had been a
tremendous financial success because it created a botnet of compromised
machines that could be used to launch profitable spam attacks.
Not only do the criminals get money simply for sending out the spam in
much more quantity than could be sent by a single machine but they get a
cut of any business done off the spam.
The weak point in this case was the end user who visits a compromised
site or who falls for a trick of social engineering.
Subscribe to InfoSec News