[nsp-sec] Question about the known capability of Storm...
Steve Romig
romig.1 at osu.edu
Sun Feb 3 23:55:19 EST 2008
We have an incident investigation underway involving a laptop that
was infected with Storm. Lawyers involved in the investigation are
wondering whether there are any cases where Storm is known to have
been used to steal SSNs (or I suppose credit card numbers). I've
read that Storm-infected computers have been used in phishing
attacks, but that's not what they're wondering about.

I realize that there's no practical way to demonstrate that this
hasn't been done in our case, but that's not the question that the
lawyers are asking.

If you know whether there are any variants of Storm that contain code
to search for SSNs or credit card numbers on the local system, or
whether you know of cases where someone "strongly" suspected that
Storm was being used to harvest SSNs or credit card numbers directly
from the infected system, could you drop me a line?

Thanks.

--- Steve