Storm Worm Usage

I read an interesting article in the Washington Post newspaper. Some researchers from UC Berkley and another university had conducted an experiment with the Storm Worm virus. They infiltrated the network of machines that have the Storm Worm. They instructed bots to send spam sending unsuspecting readers to their phony pharmaceutical sites.

Within 26 days, they had the Storm Worm distribute 350 million spam emails. They conceded that about 75% of this email got filtered out. The remaining 25% made it to people’s inboxes. Almost 30 people decided to buy pharmaceutical products from their phony sites. They ensured that their sites aborted right before the sale completed.

The average sale was over $100 worth of pharmaceutical goods. The research team estimated that they only used 1.5% of the botnet network capacity. If they were able to fully use the botnet, they projected that they could clear $3.5 million worth of sales a year. This was all through advertising using Storm Worm spam.

There are a couple lessons here to learn here. One is that botnets like the Storm Worm are profitable ventures. Smart people can hack into these botnet networks. Some small percentage of people will make purchases in response to spam email. Perhaps it is the large numbers involved that makes the small percentage worthwhile.

Do you have the Storm Worm secretly installed on your computer? You may be supporting the huge botnet network that propagates criminal activity such as the one studied by these researchers. The thing I wonder is how much are the original authors of the Storm Worm actually making out there? And if they could get such profit from these illegal activities, could their skills be harnessed for legitimate business opportunities?