57 Million Spam E-mails In One Day

Technology that Shapes Our Lives

August 22, 2007

Storm Botnet Has Sent More Than 1.2 Billion Spam Emails

The Storm botnet sends out a record 57 million e-mails in one day.

The Storm botnet, or Storm worm botnet, is a remotely controlled network of “zombie” computers (or ‘botnet’) that has been linked by the Storm Worm, a Trojan horse spread through e-mail spam.

The Storm botnet was first identified around January 2007, with the Storm worm at one point accounting for 8% of all malware on Microsoft Windows computers.

First detected on the Internet in January 2007, the Storm botnet and worm are so-called because of the storm-related subject lines its infectious e-mail employed initially, such as “230 dead as storm batters Europe.” Later provocative subjects included, “Chinese missile shot down USA aircraft,” and “U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel.”

The botnet, or zombie network, comprises computers running Microsoft Windows as their operating system.  Once infected, a computer becomes known as a bot. This bot then performs automated tasks—anything from gathering data on the user, to attacking web sites, to forwarding infected e-mail—without its owner’s knowledge or permission. Estimates indicate that 5,000 to 6,000 computers are dedicated to propagating the spread of the worm through the use of e-mails with infected attachments.

Efforts to infect computers usually revolve around convincing people to download e-mail attachments which contain the virus through subtle manipulation. In one instance, the botnet’s controllers took advantage of the National Football League’s opening weekend, sending out mail offering “football tracking programs” which did nothing more than infect a user’s computer.  According to Matt Sergeant, chief anti-spam technologist at MessageLabs, “In terms of power, [the botnet] utterly blows the supercomputers away. If you add up all 500 of the top supercomputers, it blows them all away with just 2 million of its machines. It’s very frightening that criminals have access to that much computing power, but there’s not much we can do about it.”  It is estimated that only 10%-20% of the total capacity and power of the Storm botnet is currently being used.