Elephants and bank robbing, not a good mix

Remember the Storm Worm, which rapidly swept onto users' computers in January via a bogus e-mail about a real-life, fast-moving European storm front?

Well, security firm SecureWorks released information Thursday noting the size of the botnet has swelled to 1.7 million bots in the months of June and July, up from 2,815 in the first five months of the year.

SecureWorks also notes that while the botnet has primarily been used for spamming, the hacker or hackers in charge of the ever-growing botnet may use its amassed army for more devious activities.

"We don't know the motive of the Storm author, however, one possible theory could be that the hacker plans to use the Trojan for more malicious activity than sending spam," said Joe Stewart, SecureWorks senior security researcher, in a statement.

But one unlikely scenario is using a humongous botnet to steal sensitive personal information. Over the past couple of years, security researchers have noticed the size of botnets has shrunk, as malicious thieves seek to remain under the radar for as long as possible when stealing usernames and passwords for online bank accounts, brokerage accounts and the like. Think of it as the difference between a robber entering a bank vault riding an elephant, or slipping in like a cat burglar.

Stewart, however, threw out one possibility. That maybe the Storm author or authors would lease out their botnet for a massive attack against a country or organization.