The Storm botnet, which at its height commanded around two million compromised computers, dwindled to around 100,000 machines during April, according to a report from MessageLabs. The company credits the use of malware removal tools for the change, and points to a 57% reduction in spam mail distributed by the botnet during the month as evidence.

However, it’s not all good news. MessageLabs discovered more than 1,200 new sites each containing malware or spyware and adware, virtually twice the number found in March.

"April was a month of unpredictability with the mighty Storm botnet losing all but five per cent of its anonymous army, and web-based malware reaching new levels," said Mark Sunner, chief security analyst at MessageLabs. "This month we find ourselves fighting the cyber-crime battle on many fronts, with the bad guys using an arsenal of weapons in order to detonate spam, viruses, phishing attacks and targeted Trojans. This makes it more important than ever to have a strong security shield in place."

One quite problematic discovery by MessageLabs is a new technique that allows authenticated spam mail to be sent via Yahoo’s SMTP servers. In other words, the mail has been authenticated as fine, but it is not.