* Posts by Kurt Baumgartner

1 publicly visible post • joined 1 Apr 2008

Storm Worms exploit April Fools

Kurt Baumgartner

new variant research

The set of Storm threats we are researching seem to be a bit dumbed down from a technical perspective -- it could be that the group originally developing it last year has backed off and new individuals have taken over. Whoever it is, the code base has changed and commodity exploit kits are no longer being used by the group.

Also of note, Storm propagation activity was quiet over the last holiday (easter).

AV scan detection was close to non-existent yesterday afternoon when the threat was circulating, and it seems to be because of the major changes in the code and stripping out the exploits on their web pages. We'll continue with details http://blog.threatfire.com

Happy april fool's!