Has Storm stopped sending spam?
The daily volume of spam produced by the Storm botnet during 2008.
(Credit: Marshall)The creators of the Storm botnet have either ceased sending out spam or have moved on to a newer botnet, security researchers have concluded.
Marshal, a security vendor that specializes in spam protection, on Tuesday noted a marked downturn in the amount of spam attributed to hosts infected with Storm within the last month. For the last few weeks other researchers have also noticed the sharp decline.
"We don't know what happened here, if somebody put the kibosh on them or not," said Jose Nazario, a security researcher for Arbor Networks. "In terms of the number of hosts out there, there are still a lot of hosts--they're just sort of quiet."
Storm started and got its name from an infected e-mail promising information about a large winter storm in Europe in early 2007.
At its peak, in mid-2007, Storm accounted for up to 20 percent of all spam sent. Then, in September 2007, Microsoft included a removal signature in its Malicious Software Removal Tool. Security experts say that update alone removed up to a quarter million infected hosts and greatly diminished Storm's ability to produce large spam campaigns despite a few attempts earlier this year.
As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments. 
I also feel the bad guys will be (or are already) shifting more and more of their resources and efforts toward hacking cell phones. Stealing from a computer user generally requires interaction by the user especially since anti-malware software has matured to the point that it's pretty darned effective in squashing automated threats. Soon the unwashed cell phoners numbering in the 100's of millions will be downloading tons of crap without restraint or thought - the kind of crap that will automatically charge for bogus products and services that' ll show up on their phone bills 30 days later (and the phone bills of everyone in their phone book). With that kind of potential, why bother with obsolete schemas while the golden egg is sitting there in some poor sap's cell phone running the free malware laced i'm-so-special ring tone.
How many anti-malware / anti-virus programs are readily available for cell phone users ?
Any recommendations ?
Cheers Nev