Skip Navigation Links
By Richard Anderson, Ph.D., Information Security Coordinator
Over the last several months UNT Information Security has detected continuous new infections by a computer trojan usually called "stormworm." It typically arrives as an email which contains a message enticing the user to click on a link. A typical trojan email might mention that you've received an "eCard", an eBay auction link, an online video (like YouTube), registration links, or
links to news articles. The emails are so varied that we expect them to evolve continuously, and the best defense is for users to read email with extreme caution. This malicious software specifically
attacks Microsoft Windows and once infected can even distribute the trojan from your computer.
The network of infected machines being used to propagate the malware
is massive. I've seen estimates of the stormworm network ranging from 10
million infected machines to 50 million nodes. If these
estimates are correct, the owners of the stormworm network have the
computing power equivalent to one of the world's largest super computers
dedicated to spreading malware, sending spam, conducting denial of
service attacks, and other uses.