Microsoft reports

Sep 24, 2007 11:31 GMT

The Windows operating system is at the heart of a violent wave of malware referred to as "Storm." Distributed denial-of-service attacks, mass phishing emails, spam and botnets are just some examples of the malicious online activity that attackers generate by leveraging the Storm malware on Windows. Jimmy Kuo, Senior Security Researcher with the Microsoft Security Research & Response team, revealed that Storm is not a single program but a plethora of malicious components, each with its own purpose.

"Here at Microsoft, we refer to certain components as Win32/Nuwar and others as Win32/Tibs. Other names such as Zhelatin and shorter names associated with brief attacks have also been used, such as e-card or nfltracker. As I noted, there are many different components, each with its own specialized functionality, so over time, many names have been used," Kuo stated.

To offer Windows users an additional layer of protection, Microsoft added the Storm family of malicious code to the latest release of the Malicious Software Removal Tool (MSRT), made available in September. Kuo said that the security tool, which accompanies the company's monthly release of patches, has made its way onto no fewer than 350 million machines worldwide.

"The Renos family of malware has been removed from 668,362 distinct machines. The Zlob family has been removed from 664,258 machines. And the Nuwar family has been removed from 274,372 machines. In total, malware has been removed by this month's MSRT from 2,574,586 machines. So, despite some public concern in the press and among researchers about the 'Storm' worm, it ranks third among the families of malware whose signatures have been added to the MSRT," Kuo added.

The updated Malicious Software Removal Tool rendered useless no less than one-fifth of Storm's denial-of-service (DoS) capability on the first day of the release. Kuo added, however, that the malware authors behind Storm also issued updates in response to Microsoft's actions.