Experts are predicting the Storm Trojan’s reign will continue.

Antivirus companies, as well as security researchers and experts, have said the size of the botnet creatd by Storm is well into the millions of machines.  In fact, some estimates going as high as 50 million infected PCs.  However, despite all of the attention Storm has received, new research into its impact and reach shows that the number of active Storm bots operating at any one time is significantly less than one million…probably closer to 200K.

Symantec’s research on Storm - which is focused on the amount of spam messages that infected PCs send out -4,375 unique IP addresses were infected during the 24 hour reporting period.  The reporting period was a 24 hour period in August.  In September that number jumped to 6000 with only 25% overlapping from the previous month.

Microsoft added Storm to its Malicious Software Removal Tool, and cleaned Storm from more than 274,000 infected machines - eliminating about 20% of the malware’s DDoS capability in one day.

The economies of scale on the Internet can increase the power and reach of botnets even 1/10th the size of Storm.  Broadband connections and fast PCs mean that a malware author doesn’t necessarily need a botnet of millions to make money sending spam or selling processing power to attackers. In fact, huge networks can be a detriment to criminals looking to evade detection. No need to attract attention with a massive botnet when a much smaller one will do the job just fine.

Storm’s creator has modified and updated the software a number of times this year, and experts expect that to continue. At least for now, they say, there is no end in sight to Storm’s reign.

Are you protected? Let us help you decide. Review: Security Threats