IT security and control firm Sophos has identified a trend of
spam email traffic peaking in accordance with time zones across the
world. Spam emails luring unsuspecting users to infection by the
Storm (or Dorf) Trojan accounted for four percent of total email
traffic in January, with peaks in traffic occurring three times in
any 24 hour period - as computers in Beijing, London and New York
At its most prolific this month, malicious Storm spam accounted
for 16 percent, or one in six, of all emails.
Spams related to the Storm worm, also known as
Dorf, peak in volume three times a day.
"The gang controlling the Storm botnet is clearly determined;
the spam emails which spread the malware are tailored to grab your
attention by referring to timely events such as Valentine's Day or
breaking news stories," said Graham Cluley, senior
technology consultant at Sophos. "The large number of compromised
PCs in Asia, Europe and USA kickstart a new barrage of malicious
spam as they are turned on at approximately 10am each morning."
The Storm spam volume peaks as computers in
Asia, Europe and USA come online at 10am in their respective
In 2007, over 50,000 variants of the Storm Trojan were
identified by SophosLabs, and with the hackers spamming out new
versions so regularly, it is imperative that all businesses ensure
their spam and anti-malware solutions are proactively defended and
up to the task of stopping both known and unknown malware before it
can wreak havoc.
"Not only do computers need to be protected from this malicious
spam, designed to break into their PC and hand control over to
financially-motivated hackers, but they also need to be properly
defended to make sure that they are not responsible for sending the
spam in the first place," continued Cluley. "The entire internet
community is suffering because people have not properly defended
their PCs from unknowingly contributing to the problem. Storm is an
evolving problem for businesses, computer users and service
providers around the world, who all need to act now in order to
curb its spread."
Last week, Sophos published its Security
Threat Report 2008, which included a detailed chronology of
Storm's impact and the different disguises it used during the last
Sophos recommends companies protect themselves with a consolidated solution which can control network access
and defend against the threats of spam, hackers, spyware and